Key facts
- Novo Nordisk is investigating a cyber incident that compromised internal IT systems.
- Unauthorized access led to the external copying of non-public data, including personal information.
- The company has temporarily taken some IT systems offline.
- Core business operations remain unaffected.
- Novo Nordisk is working with cybersecurity experts and authorities.
Danish pharmaceutical company Novo Nordisk announced on Thursday that it has identified a security incident involving unauthorized access to a limited number of its internal IT systems. The company has initiated a probe with the assistance of external cybersecurity experts and is in contact with relevant authorities.
As a precautionary measure, Novo Nordisk has temporarily taken certain internal IT systems offline and is working to restore them in a controlled and safe manner. The investigation revealed that certain non-public data, including personal information, was copied externally without authorization. The company stated it is informing the impacted parties as appropriate.
Despite the incident, Novo Nordisk emphasized that its core business operations are not impacted and remain up and running. The company's commitment to patient safety and data security is a priority, as outlined in its coordinated vulnerability disclosure policy.