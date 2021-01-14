The European Medicines Agency (known by its acronym EMA), a decentralized body responsible for reviewing and approving any new medicine introduced into the European Union, revealed today that some of the vaccine data in development by Pfizer and BioNTech laboratories against COVID-19 stolen from your servers last December, have been leaked online.

Already last December 31, BleepingComputer realized that the authors of the first threats leaked on various hacker forums what they claimed was data already stolen from the EMA. Today the agency finally wanted to share the following official statement: «The ongoing investigation of the EMA cyberattack revealed that some of the illegally accessed documents Related to COVID-19 Drugs and Vaccines (from Pfizer) belonging to third parties have been leaked on the Internet […] Law enforcement authorities are taking the necessary steps«.

In subsequent updates, EMA said the investigation revealed that only a limited number of documents were accessed without authorization, with a data breach that was limited to a single IT app and data related to COVID-19 drugs and vaccines. Data confirmed by sources in the cybersecurity intelligence community includes email screenshots, EMA review comments, Word documents, PDFs, and PowerPoint presentations.

However, the European drug regulation network continues to be fully functional, and the evaluation and approval deadlines for the Pfizer COVID-19 vaccine are not affected by the incident. For their part, the EMA assures that «The Agency continues to fully support the criminal investigation into the data breach and to notify additional entities and individuals whose documents and personal data may have been subject to unauthorized access.«.

Vaccines in the crosshairs of cybercriminals

Unfortunately, this is not the only or first attempt to breach organizations associated with the distribution of COVID-19 vaccines. And it is that given the great socio-economic impact that these drugs represent at this time of global health crisis, it seems that all those involved close to these vaccines have become the target of cybercriminals.

Previously, we already saw global spear-phishing campaigns, shared in a study by IBM Security X-Force researchers. It is unclear if any of the phishing attempts were successful, but the appropriate entities and authorities have been notified of what is considered a targeted attack.

The report has led the United States Cybersecurity and Infrastructure Security Agency (CISA) to issue an alert, urging Operation Warp Speed ​​(OWS) organizations and companies involved in the storage and transportation of vaccines to review Indicators of Compromise (IoC) and strengthen their defenses.