- The hackers who stole COVID-19 vaccine data belonging to Pfizer and BioNTech from the European Medicines Agency (EMA), a regulatory agency, and leaked the information online in December, first manipulated the exfiltrated data beforehand to undermine public trust in the vaccine.
- The highly targeted attack struck on December 9, which gave the attackers access to some documents tied to the regulatory submission for the impacted pharmaceutical companies that were stored on the compromised server.
- Pfizer and BioNTech were awaiting final approval for their vaccine, which was issued temporary authorization for emergency use in the UK on December 2.
- The latest update revealed the stolen and altered data included internal, confidential email correspondence from November that were tied to the evaluation processes for COVID-19 vaccines.
- Federal agencies have repeatedly warned that hackers are actively, and successfully, targeting healthcare organizations tasked with the COVID-19 response for these exact purposes. Nation-state actors have also targeted healthcare employees in an effort to gain access to valuable COVID-19 data.
– Jessica Davis | January 19, 2021
