Novartis Victim of Cyberattack But No Sensitive Data Leaked

Cyberattacks affect everyone, including pharmaceutical behemoths like Novartis.

The week ending June 4th, specialised IT website Bleeping Computer revealed that Industrial Spy, a hacker gang that operates an extortion marketplace trading stolen information, posted data supposedly taken from Novartis. Fortunately for the pharmaceutical industry, it claims that no critical data was exposed as a result of the hack. As per the description of the stolen data, the hackers claimed the data was taken straight from the lab setting of the production plant.

According to Bleeping Computer, the data was most likely stolen on February 25. The manufacturer confirmed that it was aware of the situation and that it had conducted a comprehensive investigation. The firm said in a statement that they can assure no sensitive data has been compromised. They take data security and privacy extremely seriously, and have put in place industry-standard safeguards to protect the data in the face of such threats.

According to Bleeping Computer, Industrial Spy has also been known to deploy ransomware in its operations. There was no proof that business devices were encrypted in this case. According to Swiss Risk and Care, Switzerland is third among the most affected European countries by cyberattacks, behind Germany and the United Kingdom. It is the world’s eighth most targeted country.

Constella Intelligence, a digital risk prevention organisation, reported well over 200,000 total data breaches and data leaks from 20 drug manufacturers in a February report. 59% of all data breaches and 79% of all exposed records occurred after 2020.

In recent years, pharmaceutical businesses have been attempting to improve their cyber defences. Merck was hit by a cyberattack in 2017 that cost the company more than $1 billion.