NOVO Nordisk confirmed a data breach affecting its IT systems, leading to unauthorized access and the theft of personal data. The attack targeted clinical trial data, which included pseudonymized information such as patient IDs, participation details, biomarkers, and lifestyle factors. However, the breach did not expose identifiable patient information directly. In contrast, data from healthcare providers was not pseudonymized, potentially compromising names, emails, and contact information.
No threat actor has claimed responsibility for the attack, and the company has engaged cybersecurity experts while taking containment measures. Patients are advised to remain vigilant but do not need to take specific action.