The European Medicines Agency (known by its acronym EMA), a decentralized body responsible for reviewing and approving any new medicine introduced into the European Union, revealed today that some of the vaccine data in development by Pfizer and BioNTech laboratories against COVID-19 stolen from your servers last December, have been leaked online.
Already last December 31, BleepingComputer noticed that the authors of the first threats leaked in various hacker forums what they claimed was data already stolen from the EMA. Today the agency finally wanted to share the following official statement: «The ongoing investigation of the cyber attack on EMA revealed that some of the documents accessed illegally related to COVID-19 drugs and vaccines (from Pfizer) belonging to third parties have been leaked on the Internet […] The law enforcement authorities are taking the necessary measures.
In subsequent updates, EMA said that the investigation revealed that only a limited number of documents were accessed without authorization, with a data breach that was limited to a single IT app and data related to COVID-19 drugs and vaccines. Some sources confirmed by sources in the cybersecurity intelligence community include email screenshots, EMA review comments, Word documents, PDFs and PowerPoint presentations.
However, the European drug regulation network continues to be fully functional, and the evaluation and approval deadlines for the Pfizer COVID-19 vaccine are not affected by the incident. For their part, the EMA assures that “The Agency continues to fully support the criminal investigation into the leakage of data and notify additional entities and individuals whose documents and personal data may have been subject to unauthorized access.”
Vaccines in the crosshairs of cybercriminals
Unfortunately, this is not the only or first attempt to breach organizations associated with the distribution of COVID-19 vaccines. And is that given the great socio-economic impact that these drugs have at this time of global health crisis, it seems that all those involved close to these vaccines have come to be in the crosshairs of cybercriminals.
Previously, we’ve seen global spear-phishing campaigns, shared in a study by IBM Security X-Force researchers. It is not clear if any of the phishing attempts were successful, but the appropriate entities and authorities have been notified of what is considered a targeted attack.
The report has led the United States Cybersecurity and Infrastructure Security Agency (CISA) to issue an alert, urging Operation Warp Speed (OWS) organizations and companies involved in the storage and transportation of vaccines to review Indicators of Compromise (IoC) and strengthen their defenses.