Hacking Group Claims Major Hack of Novo Nordisk, Attempted $25 Million Extortion (reuters.com)
- Reference: 0183925644
- News link: https://yro.slashdot.org/story/26/06/17/0617255/hacking-group-claims-major-hack-of-novo-nordisk-attempted-25-million-extortion
- Source link: https://www.reuters.com/legal/government/hacking-group-claims-major-hack-novo-nordisk-attempted-25-million-extortion-2026-06-16/
> FulcrumSec, a cyber extortion group that emerged in October 2025, said in a long message posted to its website that it spent more than two months in Novo Nordisk's networks stealing data. It said that data included company source code, proprietary information on released and unreleased drugs, trial data, employee, doctor and patient data, information related to company processing facilities and internal AI model information.
>
> [...] FulcrumSec told Reuters in an email that Novo Nordisk representatives contacted the group on June 3, roughly 48 hours after the group's initial contact to unnamed company executives. The company used a random Proton Mail email address sent to email addresses that FulcrumSec used in its initial outreach, and confirmed it was the company by requesting specific files for verification only the company would know about.
>
> The FulcrumSec representative also said that the group would prefer not to sell data, "as open sourcing it is a more effective deterrent for future companies to avoid paying." [...] FulcrumSec said it would not share some of the data it stole, including information on thousands of company employees and physicians, and roughly 11,500 pseudonymized clinical trial patients. The group said it also would withhold data related to operational technology and software used to interact with sensors and machinery at Novo Nordisk production facilities as part of its "harm-reduction strategy."
A Novo Nordisk spokesperson said in an email that the company "is aware of claims that data allegedly copied externally without authorization from our systems has been published online. We take this matter seriously and maintain continued operations of our main platforms. We are in contact with the relevant authorities."
[1] https://www.reuters.com/legal/government/hacking-group-claims-major-hack-novo-nordisk-attempted-25-million-extortion-2026-06-16/
More? (Score:2)
With the number of available and vulnerable IoT devices and the number of motivated hacker groups supercharged with LLMs, shouldn't a lot of company and government secrets get revealed these days? Perhaps news organisations have a bottleneck being underfunded to go through leaked material?
India strikes again (Score:3)
I cannot name one single American large medical provider or pharma company that doesn't outsource its IT engineering and maintenance to clueless Indian companies who rush everything, lie about credentials, and generally just don't give a shit. Hmm, I wonder what led to this.
Re: (Score:3)
> Hmm, I wonder what led to this.
The bean counters and finance bros have calculated the risks to be acceptable.
Re: (Score:2)
100000% Correct!
Limited Customers (Score:2)
Sure, that's a lot of valuable data. But what pharmaceutical company would want to touch that, maybe some fly-by-night small foreign players. But anyone who would get close to dropping $25 million is going to avoid the liability like the plague.
It's purchase time (Score:2)
The U.S. Department of Justice can now set up a cutout and try to buy that data as part of a criminal investigation and sting operation.
Here's hoping they do, and that they nail these bastards, as an example to the rest of them.
Re: (Score:2)
The company is Danish.
Re: (Score:2)
They're the makers of Ozempic so an attack on them is an attack on Americans, obviously!
Re: (Score:1)
Stop eating Danishes and fatty won't need Ozempic; just sayin'.
Re: (Score:2, Flamebait)
> The U.S. Department of Justice can now set up a cutout and try to buy that data as part of a criminal investigation and sting operation.
Instead they will buy that data as part of an investigation in to who's getting abortions. You forgot who's running this country, they're not interested in catching criminals. That's difficult and expensive compared to declaring victory.