• FulcrumSec claims to have stolen over 1 terabyte of data from Novo Nordisk.
• After a failed $25 million ransom demand, the group is exploring private sales of the data.
• Stolen data includes company source code, clinical trial data, and employee information.
• Novo Nordisk acknowledges the cyberattack and is in contact with authorities.
• The incident marks a significant cybersecurity breach in the pharmaceutical sector.

Cyber extortion group FulcrumSec has claimed to have breached the systems of pharmaceutical giant Novo Nordisk, stealing over 1 terabyte of data. The group reported that it spent more than two months within Novo Nordisk's networks, acquiring sensitive information including company source code, proprietary drug information, trial data, and personal records of employees and patients. After demanding $25 million from Novo Nordisk in exchange for not releasing the data, FulcrumSec indicated they would explore selling parts of the information instead, according to Reuters, Channel News Asia, and India Times.

Novo Nordisk confirmed that it had experienced a cybersecurity incident and stated that it is "aware of claims that data allegedly copied externally without authorization" has been published online. The company emphasized that it is taking the matter seriously and has maintained the operational integrity of its key platforms while cooperating with relevant authorities, as reported by Reuters and Channel News Asia.

FulcrumSec's activities underscore a growing concern in cybersecurity, as it reported successfully reaching out to Novo Nordisk executives prior to the ransom escalation and receiving communication from them about the hacking incident. The group’s representative noted that they would prefer to open-source the data rather than sell it, believing it would serve as a deterrent to future extortion attempts, according to India Times.

Experts, including Thomas Willkan from cybersecurity firm Lab-1, have been tracking FulcrumSec and expressed concerns about the group’s legitimacy and capabilities, suggesting it is a serious threat to corporations. The hacking group claimed it would withhold certain critical information, such as that on operational technologies and sensitive employee-related data, as part of a "harm-reduction strategy," according to Reuters, Channel News Asia, and India Times.