Breaking: Novo Nordisk Breach Exposes 1.3 TB of Data, 264 GB Already Leaked
Novo Nordisk disclosed that ransomware group FulcrumSec stole over 1.3 TB of data in March 2026, demanded a $25 million ransom that was refused, has leaked 264 GB on the dark web, and is seeking buyers for the remaining data, with the attack traced to hard‑coded Azure credentials and a GitHub personal access token.
In March 2026, Danish pharmaceutical giant Novo Nordisk disclosed that ransomware group FulcrumSec breached its systems and stole more than 1.3 TB of data. The attackers demanded a $25 million ransom, which was refused, and have already leaked 264 GB of the stolen data on a dark‑web site while seeking private buyers for the remaining ~1.05 TB.
The breach was achieved through two initial footholds: (1) hard‑coded Azure container‑registry credentials embedded in client‑side JavaScript on a Novo Nordisk sub‑domain, and (2) a GitHub personal access token. The attackers used the GitHub repository to harvest numerous API tokens, database credentials, and service‑account passwords, then moved laterally across hundreds of internal systems.
FulcrumSec claims the intrusion lasted over two months; Novo Nordisk’s security team only detected the GitHub compromise about two weeks after the attackers accessed the account. The group mocked the company on the leak site, citing weak passwords such as “novo123” and criticizing the security team.
According to the data list published by FulcrumSec, the stolen material includes 4,750 source‑code repositories, over 41,000 patented drug compounds, more than 30 trained AI models, records of 11,500 clinical‑trial patients, over 163,000 employee records, documentation for five undisclosed drug projects, and the complete manufacturing recipe for at least one major drug.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Black & White Path
We are the beacon of the cyber world, a stepping stone on the road to security.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.
