View more stories
Information about one of the most promising coronavirus vaccines was "illegally accessed" after a hack against the European regulator, which is in the final stages of approval, the companies said on Wednesday.
The European Medicines Agency, based in Amsterdam, reported the violation for the first time. The statement simply states that the EMA was exposed to a cyberattack and had launched a joint investigation with law enforcement agencies. The agency did not disclose when the hack took place, or whether the attackers were looking for vaccine information, attempting to infect the network with ransomware, or for some other purpose. An EMA spokesman said in an email: "The agency is fully operational and work continues."
At around the same time on Wednesday, pharmaceutical company Pfizer and biotech company BioNTech released a joint press release stating, “Today we were informed by the European Medicines Agency (EMA) that the agency had been exposed to a cyber attack and that there are some documents relating to the filing of regulatory approvals for Pfizer and BioNTech's COVID-19 vaccine candidate, BNT162b2, which has been stored on an EMA server, has been illegally accessed. "
The companies stated that none of their systems were involved in the breach and that none of the companies are aware of any compromised data that identify the study participants.
Studies of the BNT162b2 vaccine recently developed by Pfizer and BioNTech found it to be 95 percent effective against COVID-19 and consistently effective across age, gender, race, and ethnicity. The vaccine has been approved in the UK and Canada and needs approval elsewhere, including the European Union and the US. The EMA is responsible for the evaluation and approval of drugs, medical devices and vaccines for the EU.
COVID-19 researchers under attack
In the past few months, there have been numerous reports of hackers targeting research data related to the coronavirus, which is currently in development, and vaccines to prevent this from happening. In July, the UK's National Cyber Security Center announced that Cozy Bear, a hacking group believed to be spearheaded by Russia's Foreign Intelligence Service, had used various tools and techniques to target pharmaceutical companies and academic institutions at the potential vaccines are working.
In the same month, prosecutors charged two Chinese nationals with hacking, saying the men tried to break into networks of a biotech company in Maryland and a biotech company in Massachusetts. Both companies were publicly known to be working on COVID-19 vaccines at the time of the hack.
Last month, Microsoft announced that hackers from Russia and North Korea had attacked at least seven prominent companies involved in and involved in COVID-19 research in the US, Canada, France, India and South Korea are.
And last week, IBM said that people likely working on behalf of a nation state ran a spear phishing campaign against companies involved in the COVID-19 supply chain. Hackers have also attempted to target pharmaceutical companies involved in vaccine research, including Johnson & Johnson, Novavax, AstraZeneca, and South Korean laboratories, according to The Wall Street Journal. Other countries accused of hacking COVID-19 researchers, according to Reuters, include Vietnam and Iran.