Threat actors who compromised The European Medicines Agency’s (EMA) servers and stole documents related to COVID-19 medicines and vaccines have altered some data before leaking the files on the internet, EMA revealed.

“The ongoing investigation of the cyber attack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines and vaccines have been leaked on the internet. This included internal/confidential email correspondence dating from November, relating to evaluation processes for COVID-19 vaccines. Some of the correspondence has been manipulated by the perpetrators prior to publication in a way which could undermine trust in vaccines,” EMA explained in an update on the investigation into December security breach posted on its website.

Last December, EMA disclosed a cyber attack without providing any details bout the incident. However. After the hack, Pfizer, which makes one of the vaccines in partnership with Pfizer, confirmed that some documents related to their COVID-19 submissions were accessed by the threat actors.

Shortly after, the Massachusetts-based vaccine maker Moderna Inc said it was informed by EMA that documents related to pre-submission talks of its COVID-19 vaccine candidate were also targeted by hackers.

Researchers from cybersecurity firm Cyble said they have discovered leaks on underground forums.

“During the assessment of data, our researchers noticed that multiple confidential files, including MoMs, assessment reports, confidential emails, login portal links and images of its internal pages were accessed and leaked,” according to the Cyble’s report.

The leaked documents also include the alleged assessment report of COVID-19 vaccine along with the summary report of drug release and stability.

The investigation into the data breach is still ongoing.