FULCRUMSEC , a data-theft extortion group, leaked 1.3TB of data from Novo Nordisk, including clinical records and AI research assets, after the company rejected a $25 million ransom demand. The breach confirmed unauthorized access to internal systems, exposing pseudonymized clinical-trial data and personal information of healthcare providers.
Notably, detailed AI and machine-learning assets, including a multimodal model checkpoint, training datasets, and source code, were part of the stolen data, raising serious concerns about the impact on drug discovery. Novo Nordisk's operational response involved engaging external investigators and maintaining ongoing drug production, while the incident reflects a significant security challenge for the pharmaceutical industry.