EU agency responsible for COVID-19 vaccine approval hit by a cyberattack

EU agency responsible for COVID-19 vaccine approval hit by a cyberattack

The European Medicines Agency (EMA), a Europe’s medicines regulator in charge of approving of COVID-19 vaccines, said it has suffered a cyberattack.

The agency posted a short statement on its website disclosing a security breach, but did not provide any details regarding the incident citing ongoing investigation.

“EMA has been the subject of a cyberattack. The Agency has swiftly launched a full investigation, in close cooperation with law enforcement and other relevant entities,” the regulator said. “EMA cannot provide additional details whilst the investigation is ongoing. Further information will be made available in due course.”

A spokesperson for the agency said it was still "functional".

However, in a follow-up statement released on it website BioNTech, which makes one of the vaccines in partnership with Pfizer, said that it has been told that “some documents relating to the regulatory submission for Pfizer and BioNTech’s COVID-19 vaccine candidate, BNT162b2, which has been stored on an EMA server, had been unlawfully accessed.”

“It is important to note that no BioNTech or Pfizer systems have been breached in connection with this incident and we are unaware that any study participants have been identified through the data being accessed. At this time, we await further information about EMA’s investigation and will respond appropriately and in accordance with EU law. EMA has assured us that the cyber attack will have no impact on the timeline for its review,” the company said.

Earlier this month, researchers from IBM Security X-Force shared details on a global phishing campaign aimed at organizations associated with a COVID-19 cold chain. Active since September 2020, the phishing operation spanned across six countries and targeted organizations likely associated with Gavi, The Vaccine Alliance’s Cold Chain Equipment Optimization Platform (CCEOP) program, with the European Commission’s Directorate-General for Taxation and Customs Union and organizations within the energy, manufacturing, website creation and software and internet security solutions sectors among the targets.

Back to the list

Latest Posts

Russian hackers carried out first confirmed sabotage attack in the Netherlands

Russian hackers carried out first confirmed sabotage attack in the Netherlands

The MIVD also warned of a sharp increase in digital operations linked to Russia.
22 April 2025
SuperCard X Android malware exploits NFC for ATM and POS fraud

SuperCard X Android malware exploits NFC for ATM and POS fraud

It leverages an advanced NFC-relay attack to authorize fraudulent transactions at POS terminals and ATMs.
22 April 2025
Billbug espionage group launches sophisticated cyber campaign in Southeast Asia

Billbug espionage group launches sophisticated cyber campaign in Southeast Asia

The campaign targeted a range of critical sectors, including a government ministry, an air traffic control organization, a telecommunications provider, and a major construction company.
22 April 2025
Popular Posts
Featured vulnerabilities
Remote code execution in Cisco Products using Erlang/OTP SSH server
Сritical Not Patched | 23 Apr, 2025
Protection mechanism failure in Spring Security
Low Patched | 23 Apr, 2025
SSRF in IBM WebSphere Application Server
Medium Patched | 23 Apr, 2025
Remote code execution in Adobe Bridge
High Patched | 23 Apr, 2025
Two remote code execution vulnerabilities in Adobe Media Encoder
High Patched | 23 Apr, 2025