Novartis Breach - February 25, 2022

Novartis Breach

Novartis is a pharmaceutical company with two headquarters, located in both Switzerland and Massachusetts. They are known as one of the top pharmaceutical-research companies in the world.

What Was the Breach?

Novartis, a pharmaceutical company, has been in the news for the wrong reasons. The company was hacked earlier this year in what has the potential to become a significant breach. Though the pharmaceutical giant insists hackers accessed no sensitive data in the attack, time will tell if the company’s statement proves true.

How Did the Breach Occur?

The breach is the work of a data extortion group dubbed Industrial Spy. This hacking collective operates a marketplace where data is stolen from targeted businesses. The hackers started selling the information collected from the pharmaceutical company through an online marketplace called Tor extortion. The asking price for the stolen Novartis data was half a million dollars worth of bitcoin. 

It appears as though the stolen data is tied to DNA or RNA-based drug technology. In fact, the company’s tests were plucked straight from the manufacturing plant’s lab environment during the attack. The disturbing details of this breach are yet another reason to enhance your business and personal computers with the latest digital security protections.

When Did This Breach Occur?

This breach occurred on February 25, 2022.

Who Does the Breach Impact?

The breach is a blow to Novartis as well as its clients. When digital security media outlets reached out to Novartis, the company released a statement indicating it was aware of the issue. The company has investigated the matter yet insists hackers stole no valuable information.  

The company’s statement did not address additional media inquiries or concerns such as how, exactly, the cyber thieves obtained access to the data in the first place.

How Many Files Does the Breach Affect?

The breach consists of nearly 8 MB of PDF files, some of which might contain sensitive information. However, as noted above, Novartis is adamant that the data illegally accessed in the attack will not have significant ramifications in the context of potential fraud, identity theft, and other criminal activity.

Recent Breaches

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an email address