
Novo Nordisk Breach Highlights Software Development Pipeline Risk

Why This Matters

The breach at Novo Nordisk highlights the increasing vulnerability of software development pipelines, especially in critical industries like pharmaceuticals, where attackers can access sensitive intellectual property and personal data through compromised code repositories. This incident underscores the urgent need for enhanced cybersecurity measures to protect developer environments and supply chains from sophisticated threats.

Key Takeaways

A recent — and likely massive — breach at Novo Nordisk, where attackers reportedly gained an initial foothold using a single GitHub access token, underscores how code repositories and developer environments have become ground zero for attackers seeking intellectual property, credentials, and software supply chain assets.

Novo Nordisk, the Danish pharmaceutical giant behind blockbuster drugs Ozempic and Wegovy, disclosed the breach June 11 after detecting unauthorized access to what it claimed were a "limited number of its internal IT systems."

A Bigger Than Disclosed Breach?

According to the company, the attackers accessed pseudonymized data belonging to an undisclosed number of patients participating in clinical trials, including patient ID, gender, date of birth, biomarkers, health/immunogenicity data, and lifestyle factors such as tobacco and alcohol use.

The breach also affected data belonging to healthcare professionals associated with Novo Nordisk, including name, registration number, office locations, email, phone number and WhatsApp details. "Based on the nature of the exposed data, the potential consequences of the incident include targeted phishing attempt through emails, phone, and WhatsApp or fraudulent communications impersonating colleagues," Novo Nordisk warned.


But details provided by FulcrumSec, the threat group claiming responsibility for the attack, suggest the breach was far broader and potentially more damaging than Novo Nordisk has disclosed publicly.

Information that the threat group shared with DataBreaches.Net suggests the attackers spent more than two months inside the pharmaceutical company's network and exfiltrated more than 700,000 files amounting to some 1.3TB of data before demanding a $25 million ransom.

The stolen information included source code, proprietary information on marketed and unreleased drugs, clinical trial and research data, internal AI models, records related to Novo Nordisk's manufacturing operations and production technology, healthcare professional records, and information on approximately 11,500 pseudonymized clinical trial participants. FulcrumSec has since begun publicly leaking some of the data it claims to have obtained after Novo Nordisk's apparent refusal to pay the demanded ransom. "FulcrumSec believes the exfiltrated data and the AI-generated analysis could save other researchers or competitors 3-5 years of program development," DataBreaches.Net noted.

Single GitHub Token Was All It Took
