Back

Novo Nordisk Faces Cybersecurity Incident with Data Breach Investigation

Severity: Medium (Score: 48.9)

Sources: Channelnewsasia, Investegate, M.Economictimes, Globalbankingandfinance

Published: 2026-06-11 · Updated: 2026-06-11

Keywords: incident, novo, nordisk, security, company, june, identified

Severity indicators: breach, data breach, cyber incident

Summary

Novo Nordisk A/S reported an IT security incident involving unauthorized access to internal IT systems. The breach resulted in the external copying of certain non-public data, including personal information related to patients from clinical trials. The company has engaged external cybersecurity experts and is cooperating with relevant authorities. Core business operations remain unaffected, and affected systems are being brought back online safely. The company is notifying impacted parties, although it claims that the data is not directly linked to any patients by name. The incident highlights vulnerabilities in data protection protocols within the healthcare sector. Key Points: • Unauthorized access to internal IT systems at Novo Nordisk confirmed. • Personal data from clinical trials was copied externally without authorization. • Core business operations remain unaffected during the investigation.

Detailed Analysis

**Impact** A limited number of internal IT systems at Novo Nordisk were accessed without authorization, resulting in the external copying of certain non-public data, including personal information related to patients in some clinical trials. The affected data may include patient ID, year of birth, sex, and health or immunogenicity data, but no direct identifiers such as patient names were compromised. Core business operations remain unaffected, and impacted parties are being informed. The incident involves data from clinical trials linked to the company’s pharmaceutical activities, with no specific geographic scope detailed beyond the company’s global presence. **Technical Details** The attack involved unauthorized access to internal IT systems, but the specific attack vector, TTPs, malware, or exploited vulnerabilities (CVEs) have not been disclosed. The company responded by temporarily taking affected systems offline to contain the incident. No indicators of compromise (IOCs) or detailed infrastructure information have been provided in the available reports. **Recommended Response** Organizations should monitor for unusual access patterns and unauthorized data exfiltration attempts, especially within clinical trial data environments. Ensure that access controls and network segmentation around sensitive patient data are enforced and reviewed. As no specific vulnerabilities or malware have been identified, focus on maintaining strong incident response readiness and coordinating with relevant authorities and cybersecurity experts for ongoing investigation updates.

Source articles (4)

  • IT Security incident at Novo Nordisk | Company Announcement — Investegate · 2026-06-11
    Bagsværd, Denmark, 11 June 2026 – Novo Nordisk A/S has identified an IT security incident involving unauthorised access to a limited number of internal IT systems. Upon learning of the incident, we la…
  • Novo Nordisk hit by cyber incident, probes data breach — Channelnewsasia · 2026-06-11
    June 11 : Novo Nordisk said on Thursday it has identified a security incident involving unauthorized access to a limited number of internal IT systems. The company said it has launched a probe with th…
  • Novo Nordisk hit by cyber incident, probes data breach - Global Banking & Finance Review — Globalbankingandfinance · 2026-06-11
    June 11 (Reuters) - Novo Nordisk said on Thursday it has identified a security incident in which certain information, including patient data from some clinical trials, was copied externally without au…
  • Novo Nordisk hit by cyber incident, probes data breach — M.Economictimes · 2026-06-11
    Danish drugmaker Novo Nordisk has confirmed a security incident. Unauthorised access to internal IT systems occurred. Certain non-public data, including personal information, was copied externally. Th…

Timeline

  • 2026-06-11 — Novo Nordisk identifies IT security incident: The company confirmed unauthorized access to internal IT systems and initiated an investigation with external cybersecurity experts.
  • 2026-06-11 — Data breach involving patient information reported: Certain non-public data, including patient data from clinical trials, was copied externally without authorization.
  • 2026-06-11 — Core operations remain unaffected: Novo Nordisk stated that its core business operations are not impacted and are continuing as normal during the investigation.

Related entities

  • Data Breach (Attack Type)
  • Novo Nordisk (Company)
  • Novo Nordisk A/S (Company)
  • Denmark (Country)
  • CWE-200 - Exposure of Sensitive Information (Cwe)
  • novonordisk.com (Domain)
  • Healthcare (Industry)
  • T1041 - Exfiltration Over C2 Channel (Mitre Attack)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed