|
 The European Medicines Agency (EMA), which assesses medicines and
vaccines for the European Union, said hours earlier it had been
targeted in a cyberattack. It gave no further details.
Pfizer and BioNTech said they did not believe any personal data of
trial participants had been compromised and EMA "has assured us that
the cyber attack will have no impact on the timeline for its
review."
It was not immediately clear when or how the attack took place, who
was responsible or what other information may have been compromised.
The two companies said they had been informed by the EMA "that the
agency has been subject to a cyber attack and that some documents
relating to the regulatory submission for Pfizer and BioNTech's
COVID-19 vaccine candidate" had been viewed.
Such documents could be extremely valuable to other countries and
companies rushing to develop vaccines, experts said.
"When it comes to the data submitted to these kinds of regulatory
bodies, we are talking confidential information about the vaccine
and its mechanism of action, its efficiency, its risks & known
possible side effects and any unique aspects such as handling
guidelines," said Marc Rogers, founder of a volunteer group fighting
Covid-related breaches, CTI-League.
"It also provides detailed information on other parties involved in
the supply and distribution of the vaccine and potentially
significantly increases the attack surface for the vaccine," adding
more ways the formulas or production could be hacked or stolen.
The companies said "no BioNTech or Pfizer systems have been breached
in connection with this incident and we are unaware that any study
participants have been identified through the data being accessed."
A spokeswoman for BioNTech declined further comment. Pfizer did not
respond to a request for further comment.
The Pfizer-BioNTech vaccine is a top contender in the global race to
beat back COVID-19. It is already being administered in Britain.
[to top of second column] |
The EMA has said it would complete its review by Dec. 29, although its schedule
may change.
The EMA statement gave few details about the attack, saying only it was
investigating with help from law enforcement.
"EMA cannot provide additional details whilst the investigation is ongoing," it
said in a statement.
U.S. law enforcement and cybersecurity officials did not respond to requests for
comment.
Hacking attempts against healthcare and medical organisations have intensified
during the COVID-19 pandemic as attackers ranging from state-backed spies to
cyber criminals hunt for information.
Reuters has previously reported on allegations that hackers linked to North
Korea, South Korea, Iran, Vietnam, China and Russia have on separate occasions
tried to steal information about the virus and potential treatments.
Reuters has documented that espionage campaigns targeted a slew of
pharmaceutical and vaccine development companies including Gilead, Johnson &
Johnson, Novavax, and Moderna. Regulators and international organizations such
as the World Health Organization have also come under repeated attack.
"Vaccine candidates represent liquid gold to many parties, both in terms of the
opportunity and the pure market value," said Rogers, who is also vice president
at security company Okta Inc. "Information on the vaccine and access to any link
in the distribution chain has significantly increased value."
The respiratory virus, which emerged in China in late 2019, has infected more
than 68 million people worldwide, according to a Reuters tally. More than 1.5
million people have died.
(Additional reporting by Joseph Menn and Raphael Satter; Editing by Angus
MacSwan and David Gregorio)
[© 2020 Thomson Reuters. All rights
reserved.] Copyright 2020 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content. |
