Hackers accessed vaccine documents in EMA cyber attack

Information relating to the Pfizer/BioNTech vaccine was targeted during the attack on the European Medicines Agency

Blue European Medicines Agency logo on their HQ in London

Documents related to the Pfizer and BioNTech's COVID-19 vaccine were "unlawfully accessed" by hackers after a cyber attack on the European Medicines Agency (EMA). 

The EMA, which is responsible for assessing and approving vaccines for the European Union, said in a statement on its website that it had suffered a cyber attack and was working with law enforcement to investigate the incident. 

"EMA has been the subject of a cyber attack. The agency has swiftly launched a full investigation, in close cooperation with law enforcement and other relevant entities," it said. 

"EMA cannot provide additional details whilst the investigation is ongoing. Further information will be made available in due course."

While the EMA didn't reveal any further details, Pfizer and BioNTech said in a joint statement that some documents related to their COVID-19 submissions were accessed by hackers during the attack. 

"Today, we were informed by the European Medicines Agency (EMA) that the agency has been subject to a cyber attack and that some documents relating to the regulatory submission for Pfizer and BioNTech’s COVID-19 vaccine candidate, BNT162b2, which has been stored on an EMA server, had been unlawfully accessed," Pfizer's and BioNTech's joint statement read.

"At this time, we await further information about EMA’s investigation and will respond appropriately and in accordance with EU law. EMA has assured us that the cyber attack will have no impact on the timeline of its review."

It was not immediately clear when or how the attack took place, who was responsible or what other information may have been compromised.

The UK's National Cyber Security Centre (NCSC) said it was "working to understand the impact of the incident" on the UK, the first country where the Pfizer/BioNTech vaccine has been deployed.

"There is currently no evidence to suggest that the UK’s medicine regulator has been affected," an NCSC spokesperson added. 

News of the attack comes just days after IBM revealed that global phishing campaign is targeting organisations working to ensure the temperature-controlled storage and transportation of the COVID-19 vaccine. 

According to IBM Security X-Force, targets included organisations within the energy, manufacturing, website creation, and internet security industries across Germany, Italy, South Korea, Czech Republic and Taiwan.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

FBI warns of ongoing corporate vishing attacks
phishing

FBI warns of ongoing corporate vishing attacks

19 Jan 2021
How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
Hackers using COVID vaccine as a lure to spread malware
hacking

Hackers using COVID vaccine as a lure to spread malware

15 Jan 2021
Cyber criminals bypassing MFA to access cloud service accounts
two-factor authentication (2FA)

Cyber criminals bypassing MFA to access cloud service accounts

14 Jan 2021

Most Popular

IT retailer faces €10.4m GDPR fine for employee surveillance
General Data Protection Regulation (GDPR)

IT retailer faces €10.4m GDPR fine for employee surveillance

18 Jan 2021
Citrix buys Slack competitor Wrike in record $2.25bn deal
collaboration

Citrix buys Slack competitor Wrike in record $2.25bn deal

19 Jan 2021
Should IT departments call time on WhatsApp?
communications

Should IT departments call time on WhatsApp?

15 Jan 2021