U.S. drugmaker Pfizer and its German partner BioNTech said on Wednesday that documents related to their development of a COVID-19 vaccine had been unlawfully accessed in a cyberattack on Europe’s medicines regulator, Reuters reported.
The European Medicines Agency (EMA), which assesses medicines and vaccines for the European Union, said hours earlier it had been targeted in a cyberattack. It gave no further details.
Pfizer and BioNTech said they did not believe any personal data of trial participants had been compromised and EMA has assured us that the cyber attack will have no impact on the timeline for its review.
It was not immediately clear when or how the attack took place, who was responsible or what other information may have been compromised.
The two companies said they had been informed by the EMA “that the agency has been subject to a cyber attack and that some documents relating to the regulatory submission for Pfizer and BioNTech’s COVID-19 vaccine candidate … had been unlawfully accessed.”
They added that “no BioNTech or Pfizer systems have been breached in connection with this incident and we are unaware that any study participants have been identified through the data being accessed.”
The Pfizer-BioNTech vaccine is among the top contenders in a global race to beat back COVID-19. It is already being administered in Britain, which last week approved the vaccine for emergency use.
But the vaccine is still being studied by the European Union. The EMA has said it would complete its review by Dec. 29, although it has said its schedule may change.
The EMA statement gave few details about the attack, saying only it was investigating with help from law enforcement.
“EMA cannot provide additional details whilst the investigation is ongoing. Further information will be made available in due course,” it said in a statement.
Hacking attempts against healthcare and medical organisations have intensified during the COVID-19 pandemic as attackers ranging from state-backed spies to cyber criminals scramble to obtain information.
Reuters has previously reported on allegations that hackers linked to North Korea, South Korea, Iran, Vietnam, China and Russia have on separate occasions tried to steal information about the virus and potential treatments.
Reuters has documented that espionage campaigns targeted a slew of pharmaceutical and vaccine development companies including Gilead, Johnson & Johnson , Novavax , and Moderna . Regulators and international organizations such as the World Health Organization have also come under repeated attack.
Stealing information about how to manufacture an effective winning vaccine – or even just gleaning information about how it will be distributed – would be intelligence gold dust as the world battles one of the most damaging pandemics in living memory.