Novo Nordisk says clinical trial patient data stolen in breach
Novo Nordisk, the pharmaceutical giant behind Wegovy and Ozempic, has disclosed that attackers copied data from its internal IT systems, including information on patients in some of its clinical trials. The company stressed the patient data was de-identified, containing fields like patient ID, year of birth, sex, biomarkers, and lifestyle factors rather than names or direct identifiers. Novo has not said how many people are affected or named the attacker, and is not offering credit monitoring, instead advising patients and healthcare professionals to stay alert for unexpected messages or calls. Pharma firms are increasingly targeted for their valuable research and patient data.
- Check
- Patients in Novo Nordisk trials and contacted healthcare professionals should watch for unexpected calls or messages referencing the company or a trial, and verify any such contact through official channels.
- Affected
- Patients in some Novo Nordisk clinical trials whose de-identified data (patient ID, year of birth, sex, biomarkers, lifestyle factors) was copied, plus healthcare professionals the company has contacted.
- Fix
- There is no direct user fix; stay alert for targeted phishing referencing the breach. Pharma and research organizations should tighten access controls, monitoring, and segmentation around trial and research data stores.