German biotech giant BioNTech said on Wednesday that crucial documents related to the Covid-19 vaccine which it is developing with Pfizer were "unlawfully accessed" during a cyber-attack on European medicine regulators. The announcement came just hours after the European Medicines Agency (EMA) said it that was a victim of a cyber-attack recently.
It was not immediately clear when and how the attack took place, who was responsible and what other information may have been compromised in the process. The EMA is working on approval of two Covid-19 vaccines, including the one by Pfizer and BioNTech, which it expects to conclude within weeks.
Vaccine Under Attack
BioNTech, in a statement published on its website, said that it was informed by the EMA that there was a cyber attack and the documents had been accessed. However, it also mentioned that the agency has assured that there will be no impact on the timeline of the its review owing to the cyber-attack.
"Today, we were informed... that the agency has been subject to a cyber-attack and that some documents relating to the regulatory submission for Pfizer and BioNTech's Covid-19 vaccine candidate, BNT162b2, which has been stored on an EMA server, had been unlawfully accessed," it said.
The EMA hasn't given much detail about the attack and said that a "full investigation" has been launched. Pfizer too is unclear about the extent of the attack except for acknowledging that documents relating to their vaccine candidate had been accessed. Pfizer, however, later clarified that "no systems have been breached in connection with this incident."
"We are unaware of any personal data being accessed," Pfizer said in a statement, while BioNTech said it was "unaware that any study participants have been identified through the data being accessed."
This isn't the first time that coronavirus vaccine related documents have come under cyber attack. In fact, medical and healthcare organizations have been the target of cyber-attack ranging from state-backed spies to cyber criminals wanting to obtain the latest information about the outbreak.
A few months back, Britain's National Cyber Security Centre (NCSC) warned that Russian intelligence has been targeting medical organizations working on successful vaccines in multiple countries including the United States, UK and Canada.
And in recent times, IBM said the cold storage supply chain used to transport viable vaccines had come under cyber-attack, in all likelihood by a nation state.
Although the intensity of the attack and the extent of damaged is yet to be revealed, the issue this time is more serious given that the vaccine has already been rolled out the UK and the United States is gearing up to vaccinate millions of its citizens in the coming weeks.
Britain's National Cyber Security Centre said it was still trying to gauge the situation and extent of the attack and if it will impact on the UK, the first country where the Pfizer-BioNTech vaccine has been deployed. Moreover, the cyber-attack comes just a day before the EMA is due to update the European Parliament on the progress of the vaccine assessments.
The EMA authorizes the use of medicines across the European Union. It was earlier headquartered in London but was shifted to Amsterdam in 2019 following Brexit.