CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 13, 2026

Ozempic Drug Maker Loses Clinical Trial Data in Hack

Data Breach Today Archived Jun 13, 2026 ✓ Full text saved

Novo Nordisk Breach Involved 'Copying' of Patient, Healthcare Provider Info A hack on Danish pharmaceutical manufacturer Novo Nordisk has compromised some patients' clinical trial information, the maker of popular weight loss and diabetes treatment drugs including Wegovy and Ozempic said. The company is working to bring affected IT systems back online.

Full text archived locally
✦ AI Summary · Claude Sonnet


    Cybercrime , Data Breach Notification , Data Security Ozempic Drug Maker Loses Clinical Trial Data in Hack Novo Nordisk Breach Involved 'Copying' of Patient, Healthcare Provider Info Marianne Kolbasuk McGee (HealthInfoSec) • June 12, 2026     Credit Eligible Get Permission A hack on Danish pharmaceutical manufacturer Novo Nordisk has compromised some patients' clinical trial data and healthcare provider information. (Image: Shutterstock) A hack on Danish pharmaceutical manufacturer Novo Nordisk has affected some patient clinical trial data and healthcare provider information, according to the maker of popular weight loss and diabetes treatment drugs, including Wegovy and Ozempic. See Also: OnDemand | Transform API Security with Unmatched Discovery and Defense Novo Nordisk said Thursday it "recently" discovered an IT security incident involving unauthorized access "to a limited number of internal IT systems." The breach affected personal data stored on the company's systems, including some information related to patients participating in various clinical trials. Some of the affected "non-public" data was copied externally without authorization, the company said. The pharmaceutical manufacturer didn't identify the nature of the clinical trials or disclose the number of affected people, but said the compromised information didn't include patient names or "other direct identifiers." Categories of potentially affected patient data included "random alphanumeric string" patient IDs, sex, year of birth, biomarkers, health and immunogenicity data, and lifestyle factors, such as smoking status, alcohol use and body mass index. "Based on the nature of the exposed data as pseudonymized, knowledge of patient identity would require access to further information, which was not part of the incident. We therefore do not consider the incident to bear any immediate risks for our patients," the company said. "We do, however, recommend that our patients remain vigilant and report to us if anything unusual is encountered that is believed could be linked to the incident." Novo Nordisk is also notifying an undisclosed number of healthcare providers that their information was potentially affected in the incident. That includes name and registration number, email, phone number, WhatsApp details, and office location. "The exposure of your data does not necessarily include all categories," the company said. Novo Nordisk is working with forensics experts in investigating into the incident. The company said it temporarily took offline certain internal systems as a precaution and is working to bring its affected IT systems back online. "Our core business operations are not impacted and remain up and running," the company said. Novo Nordisk did not immediately respond to ISMG's request for additional details about the incident. The biggest concern in this incident so far "is the long-tail value of clinical trial data," said Ross Filipek, CISO at IT services firm Corsica Technologies. "Even though the data was allegedly not tied to patient names, health-related data comes with different risks than ordinary consumer information. It can become more sensitive when it's combined with other stolen data from outside sources." Another worry in such incident is broken trust, Filipek said. "Clinical trials rely on confidence from patients, providers, regulators and research partners. Even a limited breach can create hesitation if people worry their health information was exposed or mishandled. If attackers had enough dwell time to alter data, not just copy it, the company would also need to look closely at data integrity." Filipek said the Novo Nordisk incident also underscores that attacks on pharmaceutical companies also threaten critical research and related data beyond patient records. "If any intellectual property was exposed, the impact could move beyond privacy and into competitive harm. If active trial systems were affected, some work may need to pause while investigators confirm what was accessed and whether anything was altered," he said.
    💬 Team Notes
    Article Info
    Source
    Data Breach Today
    Category
    ◇ Industry News & Leadership
    Published
    Jun 13, 2026
    Archived
    Jun 13, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗