Indonesian Political, Business & Finance News

Novo Nordisk Hit by Cyberattack, Hackers Demand $400 Billion Ransom

| Source: CNBC Translated from Indonesian | Business
Novo Nordisk Hit by Cyberattack, Hackers Demand $400 Billion Ransom
Image: CNBC

Pharmaceutical giant Novo Nordisk has fallen victim to a cyberattack by a group claiming to have stolen more than 1 TB of company data. The group, calling itself FulcrumSec, is considering selling some of the stolen data after allegedly failing to secure a ransom of US$25 million (Rp443 billion) from the maker of the controversial diabetes drug Ozempic, which is widely used for weight loss.

FulcrumSec, which first emerged in October 2025, claimed in a message posted on its official site that it spent more than two months inside Novo Nordisk’s network to steal the data. According to FulcrumSec, the stolen data includes company source code, confidential information about released and unreleased drugs, clinical trial data, employee, doctor, and patient information, details related to the company’s processing facilities, and internal AI model information, Reuters reported on Wednesday (17/6/2026).

A Novo Nordisk spokesperson said via email that the company is aware of claims regarding data allegedly copied from its systems without authorisation. “We take this matter seriously and continue to operate on our main platforms. We are in contact with the relevant authorities,” the spokesperson told Reuters. Reuters could not immediately verify the authenticity of the data posted by FulcrumSec.

FulcrumSec told Reuters via email that a Novo Nordisk representative contacted the group on 3 June 2026, about 48 hours after the group’s initial contact with unnamed company executives. The company used a random Proton Mail email address sent to the address FulcrumSec used in its initial contact, and confirmed its identity by requesting specific verification files known only to the company. A FulcrumSec representative also said they would prefer not to sell the data, “because open sourcing the data is a more effective deterrent for companies in the future to avoid paying.”

The Danish company disclosed a cybersecurity incident on 11 June, which it said involved unauthorised access to a limited number of internal IT systems, including access to certain personal data. FulcrumSec said that after Novo Nordisk refused to pay US$25 million, they are “exploring a private sale” for some of the data related to specific drugs and other internal information. Thomas Willkan, head of research at cybersecurity firm Lab-1, who has closely tracked FulcrumSec, said the hacking group is “usually quite legitimate regarding their capabilities and claims.”

FulcrumSec stated they will not share some of the stolen data, including information on thousands of company employees and doctors, and around 11,500 anonymised clinical trial patients. The group also said they will withhold data related to operational technology and software used to interact with sensors and machinery at Novo Nordisk’s production facilities as part of a “harm reduction strategy.” Novo Nordisk is renowned for its obesity and diabetes treatments, particularly Wegovy and Ozempic.

DataBreaches.net, a blog focused on cybersecurity, ransomware, and data extortion, reported on 15 June that FulcrumSec informed the blog on 14 June that they gained access to Novo Nordisk’s network in March 2026, and shared alleged correspondence with Novo Nordisk from 1 June that included a list of more than 700,000 files, totalling approximately 1.3 terabytes of data. VX-Underground, a malware research and repository site, separately reported on Monday (15/6) about an unnamed hacker who had compromised Novo Nordisk. FulcrumSec said in its message that its attack was separate.

View JSON | Print