Security WeekArchived Jun 16, 2026✓ Full text saved
The hack-and-leak group FulcrumSec claims to have stolen 1.3TB of data from the pharmaceutical giant. The post Cybercrime Group Claims Novo Nordisk Hack appeared first on SecurityWeek .
Full text archived locally
✦ AI Summary· Claude Sonnet
The hack-and-leak group FulcrumSec has claimed responsibility for hacking the Danish pharmaceutical giant Novo Nordisk.
The incident was disclosed late last week, when the company warned patients that hackers had accessed its internal IT systems and exfiltrated certain data associated with clinical trials.
According to the pharma giant, the stolen information was pseudonymized and could not be directly linked to patients by name or identifiers.
“Knowledge of patient identity would require access to further information, which was not part of the incident,” the company said.
While no known cybercrime group has publicly claimed responsibility for the attack, FulcrumSec contacted DataBreaches to boast about hacking Novo Nordisk.
The group claims to have hacked the company in March through a GitHub access token that allowed it to clone Novo Nordisk repositories and find additional credentials.
FulcrumSec said it stole roughly 1.3 terabytes of data from the pharma giant and provided a list of over 700,000 files as proof.
It also provided detailed information on the type of data allegedly stolen from the company, which appears to include intellectual property such as undisclosed drug programs, proprietary compound structures, the Dicerna RNAi pipeline, private AI models, and other data.
FulcrumSec also shared some of its correspondence with Novo Nordisk, which included stolen credentials as proof of possession.
The hacking group demanded a $25 million ransom, but the extortion attempt failed, and the hacking group is now threatening to leak the stolen data.
At the time of publication, however, Novo Nordisk has not been listed on FulcrumSec’s Tor-based leak site.
Related: French Government Messaging Platform Breached by Mysterious ‘Misere’ Hacker
Related: ShinyHunters Claims Council of Europe Hack
Related: University of Nottingham Confirms Breach After Hackers Leak Data
Related: Hackers Leak DentaQuest Information Impacting 2.6 Million
WRITTEN BY
Ionut Arghire
Ionut Arghire is an international correspondent for SecurityWeek.
More from Ionut Arghire
Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages
Tech Coalition ‘Athena’ Targets OSS Vulnerabilities Ahead of Disclosure
NewCore Emerges From Stealth Mode With $66 Million in Funding
Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges
ShinyHunters Claims Council of Europe Hack
FBI, Google Dismantle ‘Outsider Enterprise’ Phishing Service
NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks
Iranian Cyber Group Handala Claims Cal Water Hack
Latest News
iRhythm Confirms Data Stolen in Hack
Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker
Magnitude Emerges From Stealth Mode With $10 Million in Funding
AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask
Endpoint Security Startup Ent Emerges From Stealth With $100 Million Seed Round
Can CISOs Trust Their Applications? TrustCloud Wants to Replace the Questionnaire
Cal Water Investigating Iranian Hackers’ Claims
White House Issues Memo to Bolster NSS Cybersecurity
Trending
Webinar: How Modern Breaches Bypass MFA And Evade Detection
June 17, 2026
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
Register
Webinar: Modern Exposure Validation In The AI Era
June 24, 2026
AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
Register
People on the Move
Stephen Garcia has been named Chief Information Security Officer at BreachRx.
Kasper Lindgaard has been appointed Vice President of Security Strategy at CoreView.
Chaim Mazal has been named Chief Information Security Officer at GitLab.
More People On The Move
Expert Insights
After AI Reaches Production: 12 Ways Security Teams Can Take Control
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production. (Joshua Goldfarb)
Everybody Is Vibe Coding But Nobody Told The Security Team
AI-driven development is not something organizations can or should block. But it must be governed. (Danelle Au)
The Zero-Knowledge Threat Actor And The End Of Responsible Disclosure
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code. (Etay Maor)
Raising The Cybersecurity Stakes: Ante Up For The Agentic Era
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale. (Nadir Izrael)
Caught Off Guard: Securing AI After It Hits Production
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode. (Joshua Goldfarb)
Flipboard
Reddit
Whatsapp
Email