One threat actor demanded $50 million from Novo Nordisk. Another one demanded $25 million. Neither got paid.

June 16, 2026

DataBreaches.net reports that Novo Nordisk wasn’t attacked by just one criminal group but by two. The first group was FulcrumSec, which first contacted Novo Nordisk on June 1. After Novo Nordisk stopped responding to them, FulcrumSec leaked some of the data and provided DataBreaches.net with some exclusive material revealing how they approached the pharmaceutical giant.

The second group, TheUSERS007, attacked Novo Nordisk after FulcrumSec had, but leaked data before FulcrumSec did. And while FulcrumSec had set a ransom of $25 million, TheUSERS007 told Novo Nordisk they wanted $50 million to delete the data they had. When Novo Nordisk didn’t pay, they leaked the data on Telegram.

According to DataBreaches.net, the two groups acquired different data, and allegedly by different means. When Novo Nordisk disclosed a breach on June 11, they were likely responding to the attack by FulcrumSec, and not the one by TheUSERS007.

Both groups have provided very detailed descriptions of the data acquired—FulcrumSec on its dark web leak site and TheUSERS007 on Telegram.

How much damage the stolen intellectual property may have done is not yet clear. Both groups claim that what they obtained could be catastrophic for Novo Nordisk, but The Data Breach Times is unable to confirm or refute those claims.