Pharmaceutical

February 25, 2022: Novartis claims no sensitive data breach in latest cyberattack by Industrial Spy.

June 2022: Pharmaceutical giant Novartis says no sensitive data was compromised in a recent cyberattack by the Industrial Spy data-extortion gang. Industrial Spy is a hacking group that runs an extortion marketplace where they sell data stolen from compromised organizations. On June 2, 2022 the hacking group began selling data allegedly stolen from Novartis on their Tor extortion marketplace for $500,000 in bitcoins. The data being sold consists of 7.7 MB of PDF files, which all have a timestamp of 2/25/2022 04:26, likely when the data was stolen. As the amount of data for sale is minimal, it is not clear if this is all the threat actors stole or if they have further data to sell later.

Novartis declined to answer any further questions about the breach, when it occurred, and how the threat actors gained access to their data.

September 27, 2021: Pharma Service Provider Hit in Cyber Attack

Digital prescription fulfillment provider, Ravkoo, suffered a cybersecurity incident this past September where an unauthorized third party infiltrated the company’s AWS cloud portal affecting 105,000 of its customers.
On September 27, Auburndale, Florida-based Ravkoo fell victim to a cybersecurity incident, which may have exposed prescription and health information located on the AWS portal, according to the letter to the New Hampshire Attorney General signed by Ross M. Molina of Wilson Elser Moskowitz Edelman & Dicker LLP.

November 14, 2021: Supernus Pharma Hit in Ransomware Attack

Rockville, Maryland-based Supernus Pharmaceuticals, Inc., a biopharmaceutical company, said Wednesday it was a target of a ransomware attack.
The attack, which started November 14, had no significant impact on the business and did not cause any serious disruption to the company’s operations, officials said in an advisory. The company added it continues to operate without interruption and does not currently anticipate paying any ransom amounts to any criminal ransomware group.

January 1, 2011: Hacker froze operations at pharmaceutical company

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

January 1, 2003: Ethernet Network Storm Zaps Multiple PLC5’s

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

May 6, 2020: Fresenius Kabi Computer Virus

A computer virus infected at least one of its businesses’ IT systems. The corporation said the security incident had hampered some production in its pharmaceutical business, which makes everything from nutritional products and infusion therapies to pain relievers that are in high demand during the coronavirus pandemic

September 27, 2017: Merck Ransomware Attack

Crippled more than 30,000 laptop and desktop computers, as well as 7,500 servers,. Crippled Merck’s production facilities. Cost the company $1.3Billion.

Pin It on Pinterest

Scroll to Top