NOVO Nordisk experienced a significant data breach where attackers accessed and stole sensitive information, including fully trained AI models, proprietary datasets, training codebases, and logs. The hackers claimed to have exfiltrated 16.7GB from a project named Dragonfly and various internal documents and configurations. The breach also involved some pseudonymized data related to clinical trial patients.
Novo Nordisk confirmed the cybersecurity incident occurred between June 11 and 12, 2026, and has involved external cybersecurity experts for investigation. The stolen AI resources could threaten the company's competitive edge in drug discovery, especially in light of a ransom demand from the attackers.