As cybersecurity threats have proliferated across industries in recent years, biopharmaceutical companies have emerged as prominent targets, with intellectual property, patient data, and other sensitive information at risk. Now, Novo Nordisk is the latest pharmaceutical giant to report a data breach.
In an incident notification Thursday, Novo said it had recently identified a security breach affecting certain internal IT systems, adding that a “limited amount of information related to patients participating in some of our clinical trials” had been compromised.
As part of its investigation, the company discovered that certain data had been “copied externally without authorization,” according to the notice.
Importantly, patient data is anonymized, Novo said. The data included information such as patients’ year of birth, biomarkers, and lifestyle factors, but did not include names or “other direct identifiers.”
Patients participating in Novo’s trial do not need to take any action, but the company is advising patients to “remain vigilant and report to us any unusual events that may be related to the incident,” Novo said in the notice.
The company took certain internal IT systems offline as part of its response to the incident. Work is currently underway to bring them back online. Novo’s core business remains unaffected, the drugmaker stressed.
While life sciences companies strive to protect against cyber threats, breaches are becoming somewhat common. Last month, West Pharmaceutical Services reported a cybersecurity incident. And in the field of medical technology, Stryker recently fell victim to a hack.
