1st came a cyber-attack on the EMA, but now cyber-criminals have now leaked Pfizer & BioNTech COVID-19 vaccine data on the internet.
After the previously reported cyber-attack on the European Medicines Agency (EMA), cyber-criminals have now revealed onto the internet compromised data related to COVID-19 vaccinations!
The EMA is an agency of the European Union in charge of the evaluation & supervision of medicinal products in the EU. In Dec, the agency disclosed that threat players broke into its server & accessed documentation about the vaccine from Pfizer & BioNTech.
Specifically accessed were some documents relating to the regulatory submission for the companies’ COVID-19 vaccine candidate, BNT162b2, which was stored on the EMA server, a Pfizer spokesperson confirmed.
This week, when “the ongoing investigation of the cyber-attack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines & vaccines belonging to 3d parties have been leaked on the internet.” According to a Tues. update from the EMA on its website, “necessary action is being taken by the law-enforcement authorities.”
The EMA has not disclosed detailed specifics of the cyber-attack, including the timeframe, the initial point of compromise & what specific data on these regulatory submission documents was accessed. In its Tues. update, it said it continues to notify “additional entities & individuals whose documents & personal data may have been subject to unauthorised access.”
However, the networks of the EMA remain fully operational & the timelines related to the evaluation & approval of COVID-19 vaccines are not affected, the agency stressed.
The BNT162b2 vaccine has been rolled out across the UK & is in the process of being approved & rolled out in other countries. Note, Pfizer & BioNTech submitted vaccine approval requests to European drug regulatory bodies on Dec. 1.
“It is important to note that no BioNTech or Pfizer systems have been breached in connection with this incident, & we are unaware of any personal data being accessed,” a Pfizer spokesperson commented.
“At this time, we await further information about EMA’s investigation & will respond appropriately & in accordance with E.U. law. Our focus remains steadfast on working in close partnership with govts. & regulators around the world to bring our COVID-19 vaccine to people around the globe as safely & as efficiently as possible to help bring an end to this devastating pandemic.”
The cyber-attack comes during the mass rollout of various COVID-19 vaccines worldwide. Documents about these vaccines – & the development process behind them – can be used for malicious intent of various stripes, such as espionage or financial cyber-attacks.
Another reason for cyber-criminals to publish such data on the internet could be to create noise or misinformation, Dirk Schrader, Global VP at New Net Technologies explained. Possibly, it could be about gaining credos in the underground.
“EMA, as a European institution, is certainly considered a hard target,” commented Schrader. “This might be the simplest reason for the documents being published, as a kind of proof among hacking groups.”
Cyber-criminals have been tapping into the vaccine rollout with everything from simple phishing scams all the way up to sophisticated Zebrocy malware campaigns. Earlier in Dec., it was revealed that the Lazarus Group APT & other sophisticated nation-state actors were actively trying to steal COVID-19 research to speed up their countries’ vaccine-development efforts.
Joseph Carson, Chief Security Scientist & Advisory CISO at Thycotic, outlined that the incident is a hard reminder that cyber-criminals will try to gain unauthorised access & steal sensitive information linked to COVID-19 – especially any details related to vaccines.
“Any company or govt. working on COVID-19 vaccines or testing must increase the priority of cyber-security especially privileged access as they will continue to be directly targeted by cyber-attacks, while right now vaccines are being distributed there is no time for complacency,” Carson outlined.
“The latest updated statement released by the EMA, who is the victim of this recent data breach, indicates that the regulatory submission had been accessed unlawfully & now leaked which is a reminder that privileged access security is & will continue to be a challenge for companies to get in control & it must be a top priority for security.”