Ozempic Maker Novo Nordisk Hit by Massive Cyberattack, Hackers Claim Theft of 1.3TB Clinical Trial and AI Data

Novo Nordisk, the pharmaceutical giant behind blockbuster drugs Ozempic and Wegovy, is facing a major cybersecurity crisis after a ransomware gang claimed it stole 1.3 terabytes of sensitive company data and began leaking samples online.

The cybercrime group, known as FulcrumSec, says it gained access to Novo Nordisk’s systems months ago and exfiltrated a huge cache of information, including clinical trial records, employee data, research documents and proprietary artificial intelligence models used in drug development.

The hackers have reportedly demanded a ransom of $25 million. After alleging that the company refused to pay, the group started publishing samples of the stolen data on its leak site.

Hackers Claim Access to Clinical Trial Data

According to FulcrumSec, the stolen information includes data linked to thousands of participants involved in clinical trials, along with internal research projects and drug development programs.

The gang also claims it obtained details about experimental compounds being studied for conditions such as diabetes, obesity, chronic kidney disease and sickle cell disease.

While Novo Nordisk has acknowledged an IT security incident involving unauthorized access to some internal systems, the company has not confirmed the scale of the breach claimed by the hackers.

AI Models Allegedly Among Stolen Files

One of the most striking claims made by the attackers involves artificial intelligence tools used by the company.

FulcrumSec says the stolen cache contains dozens of AI models, datasets and scientific imaging files. The group has even suggested it may attempt to sell some of the data privately.

If verified, the leak could expose years of pharmaceutical research and development work, potentially giving competitors or hostile actors access to highly valuable intellectual property.

How the Breach Allegedly Happened

The hackers claim they first entered Novo Nordisk’s environment through exposed credentials and access tokens that were mistakenly left accessible within development systems.

According to their account, this allowed them to move through multiple internal platforms and gain access to research databases, employee information and clinical trial records.

Novo Nordisk has not publicly confirmed these allegations.

Novo Nordisk said it is aware of claims that stolen data has been published online and is working with relevant authorities.

Its main platforms remain operational and that protecting patient information and maintaining reliable services remain top priorities.

A Growing Threat to Pharma Companies

The attack highlights a growing trend in cybercrime where hackers are no longer focused solely on encrypting systems. Increasingly, they steal valuable data first and then use the threat of public exposure to pressure companies into paying.

For pharmaceutical firms, the risks are particularly high. Research data, clinical trials and intellectual property can be worth far more than the ransom itself.

As investigators continue to examine the incident, one key question remains unanswered: how much of FulcrumSec’s claims are accurate. If the hackers’ assertions prove true, the breach could become one of the most significant cyber incidents to hit the pharmaceutical industry in recent years.

Read More:  'Just Use Cloudflare Bro': Class 12 Ethical Hacker Sarthak To CBSE Over Cyber Attacks