Danish pharmaceutical company Novo Nordisk is facing a significant cybersecurity challenge after a cyber extortion group claimed it had stolen more than one terabyte of sensitive corporate data and attempted to extract $25 million from the company.
The hacking group, known as FulcrumSec, stated that it spent more than two months inside Novo Nordisk’s network, gaining access to and allegedly copying a wide range of confidential information. According to the group, the stolen data includes company source code, proprietary information related to both marketed and unreleased drugs, clinical trial data, employee records, doctor and patient information, manufacturing-related details, and artificial intelligence model data.
The group alleged that it demanded $25 million from Novo Nordisk in exchange for not releasing the information. After the company reportedly declined to meet the demand, the hackers said they began exploring options to sell portions of the data privately.
The development comes days after Novo Nordisk disclosed a cybersecurity incident. On June 11, 2026, the company confirmed that unauthorized individuals had gained access to a limited number of its internal IT systems and copied certain non-public information, including personal data. The company said it had launched an investigation with the support of external cybersecurity experts and was working closely with relevant authorities.
Responding to the latest claims, a company spokesperson said: “We are aware of claims that data allegedly copied externally without authorisation from our systems has been published online. We take this matter seriously and maintain continued operations of our main platforms. We are in contact with the relevant authorities.”
FulcrumSec further claimed that it would not publish some categories of the stolen information, including data related to thousands of employees, doctors, and approximately 11,500 pseudonymised clinical trial participants. The group described the decision as part of its “harm-reduction strategy.”
While cybersecurity researchers have indicated that FulcrumSec has previously demonstrated credible capabilities, the full extent and authenticity of the allegedly stolen data have not been independently verified.
The incident underscores the growing cyber risks facing pharmaceutical and healthcare companies worldwide. For India, which plays a major role in global drug manufacturing, clinical research, and healthcare technology, the breach highlights the importance of safeguarding sensitive patient information, research data, and intellectual property. As Indian pharmaceutical firms deepen their participation in global healthcare ecosystems, strengthening cybersecurity measures will remain critical to protecting both business operations and public trust.
