FULCRUMSEC has claimed responsibility for a cyber attack on Novo Nordisk, a leading Danish pharmaceutical company. The company disclosed that hackers accessed internal IT systems and exfiltrated data related to clinical trials, including pseudonymized patient information. FulcrumSec claims to have stolen approximately 1.3 terabytes of data, including sensitive intellectual property and proprietary information, and has made a $25 million ransom demand.
Despite the theft, Novo Nordisk states that the patient identity is protected and not directly traceable. FulcrumSec has threatened to leak the data if their demands are not met.