Hackers claim major breach of Novo Nordisk, may sell data

A cyber extortion group called FulcrumSec claimed on June 14 to have breached Novo Nordisk, a Danish pharmaceutical company, stealing over 1.3 terabytes of data. The group stated it spent two months inside Novo Nordisk’s networks, accessing source code, proprietary drug information—including data on released and unreleased medications—and sensitive records of employees, doctors, and 11,500 clinical trial patients. The breach also reportedly included details on production facilities and internal AI models. FulcrumSec demanded $25 million from Novo Nordisk but said the company refused to pay, prompting the group to explore selling portions of the stolen data. The hackers specified they would not release certain data, such as employee and physician records, operational technology details, and sensor/machinery-related information, as part of a 'harm-reduction strategy.' Novo Nordisk acknowledged a cybersecurity incident on June 11, stating unauthorized access occurred in a limited number of internal IT systems, including personal data. The company did not immediately respond to FulcrumSec’s claims, and Reuters could not independently verify the authenticity of the leaked data. Cybersecurity experts, including Thomas Willkan of Lab-1, described FulcrumSec as a credible group with a track record of legitimate capabilities. The group’s claims align with reports from DataBreaches.net, which cited correspondence with Novo Nordisk beginning in early June, listing over 700,000 compromised files. FulcrumSec’s breach targets Novo Nordisk’s high-profile drugs, including Wegovy and Ozempic, used for obesity and diabetes treatment. The group’s actions highlight growing risks in cyber extortion, particularly for industries handling sensitive intellectual property and patient data.