18 January 2021

EMA: Hackers leaked modified COVID-19 vaccine documents to undermine trust in vaccines


EMA: Hackers leaked modified COVID-19 vaccine documents to undermine trust in vaccines

Threat actors who compromised The European Medicines Agency’s (EMA) servers and stole documents related to COVID-19 medicines and vaccines have altered some data before leaking the files on the internet, EMA revealed.

“The ongoing investigation of the cyber attack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines and vaccines have been leaked on the internet. This included internal/confidential email correspondence dating from November, relating to evaluation processes for COVID-19 vaccines. Some of the correspondence has been manipulated by the perpetrators prior to publication in a way which could undermine trust in vaccines,” EMA explained in an update on the investigation into December security breach posted on its website.

Last December, EMA disclosed a cyber attack without providing any details bout the incident. However. After the hack, Pfizer, which makes one of the vaccines in partnership with Pfizer, confirmed that some documents related to their COVID-19 submissions were accessed by the threat actors.

Shortly after, the Massachusetts-based vaccine maker Moderna Inc said it was informed by EMA that documents related to pre-submission talks of its COVID-19 vaccine candidate were also targeted by hackers.

Researchers from cybersecurity firm Cyble said they have discovered leaks on underground forums.

“During the assessment of data, our researchers noticed that multiple confidential files, including MoMs, assessment reports, confidential emails, login portal links and images of its internal pages were accessed and leaked,” according to the Cyble’s report.

The leaked documents also include the alleged assessment report of COVID-19 vaccine along with the summary report of drug release and stability.

The investigation into the data breach is still ongoing.

Back to the list

Latest Posts

Vulnerability summary for the week: March 5, 2021

Vulnerability summary for the week: March 5, 2021

A weekly vulnerability digest.
5 March 2021
Microsoft shares details on three new malware strains used in SolarWinds hack

Microsoft shares details on three new malware strains used in SolarWinds hack

GoldMax, Sibot and GoldFinder were used by attackers to achieve persistence on the infected machines and perform actions post-compromise.
5 March 2021
Four notorious cybercrime forums hacked

Four notorious cybercrime forums hacked

The list of hacked crime forums includes Maza, Verified, Crdclub and Exploit.
5 March 2021