Data related to a Covid-19 vaccine developed by Pfizer Inc. and Germany's BioNTech SE were accessed in a hack of Europe's top medicines regulator.
BioNTech and Pfizer said they had been told of the cyber breach by the European Medicines Agency, the Amsterdam-based agency responsible for approving new medicines for the European Union. In identical statements Wednesday, the companies said that some documents relating to its regulatory approval submission "had been unlawfully accessed."
It's unclear what documents were accessed. Pfizer and BioNTech have submitted reams of data to regulators in the U.S., Europe and elsewhere in an effort to win regulatory approval for their vaccine. Some of that data is typically widely disseminated, including, eventually, for academic peer review. But the submissions also include records related to manufacturing and human clinical trials, which cyber experts have said could provide an edge to others trying to refine their own processes or disrupt a vaccine rollout.
The breach hits at the very core of the Western world's race to roll out a Covid-19 vaccine, and it demonstrates the extent to which hackers have sought to infiltrate companies and institutions crucial to the fight against the pandemic. It follows earlier attempts to break into systems at universities and pharmaceutical companies involved in drug development and other pandemic responses, all seen as key to helping countries restart economies gutted by the virus.
BioNTech and Pfizer said no systems belonging to the two companies had been breached in the attack, and they said they didn't have evidence that any clinical-trial participants had been identified. They said they received assurance from the European agency that the hack wouldn't affect the timeline for review of the vaccine, which is scheduled for review by the agency Dec. 29.
The vaccine was deployed this week in the U.K.--the first Western-developed Covid-19 shot administered to humans outside of trials--and won authorization Wednesday in Canada. The U.S. Food and Drug Administration is expected to authorize use of the vaccine as soon as later this week.
The EMA, which approves new drugs in a similar capacity to the Food and Drug Administration, had earlier posted a statement that it had been targeted in a cyberattack that's now under investigation by law-enforcement and other officials.
The European agency didn't provide details or say whether the attack had affected its operations or disclose whether any data had been lost. "EMA cannot provide additional details whilst the investigation is ongoing," it said in a short statement on its website. The EMA later said via a spokeswoman that it is "fully functional and all work continues."
The attack follows months of warnings and ramped-up defenses across Europe, the U.S. and beyond against hackers targeting pharmaceutical companies, universities and other entities involved in Covid-19 treatments, vaccines and virus-tracking technology.
Last month, Microsoft Corp. said cyberattacks originating in Russia and North Korea have targeted online accounts at companies working on Covid-19 drugs and vaccines. The company said targets included pharmaceutical companies and vaccine researchers operating in the U.S., Canada, France, India and South Korea.
Some cybersecurity experts said the data handled by the agency wouldn't have necessarily included the most sensitive details of how the vaccine is designed or manufactured. It is also relatively late in the vaccine process for a rival state or company to attempt to duplicate Pfizer and BioNTech's efforts.
"If you are interested in stealing IP, there are better ways to steal it," said David Robinson, the co-founder of cybersecurity firm Internet 2.0 and a consultant to a leading Covid-19 vaccine maker.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.