The European Medicines Agency (EMA) today revealed that a number of the stolen Pfizer/BioNTech vaccine candidate data was doctored by threat actors before being leaked online with the top goal of undermining the public’s trust in COVID-19 vaccines.
EMA is the decentralized agency that reviews and approves COVID-19 vaccines within the European Union , and therefore the agency that evaluates, monitors, and supervises any new medicines introduced to the EU.
Scotland environmental regulator hit by ‘ongoing’ ransomware attack
“The ongoing investigation of the cyberattack on EMA revealed that a number of the unlawfully accessed documents associated with COVID-19 medicines and vaccines are leaked on the web ,” the agency disclosed today.
“This included internal/confidential electronic messages dating from November, concerning evaluation processes for COVID-19 vaccines.
“Some of the correspondence has been manipulated by the perpetrators before publication during a way which could undermine trust in vaccines.”
EMA revealed that the COVID-19 vaccine data stolen in December was leaked online during a previous update, on Tuesday.
Pointing fingers at “fake vaccines”
Several threat actors leaking what they claimed to be the stolen EMA data on multiple hacker forums on December 31st.
Several sources within the cybersecurity Intelligence Community told in an interview that the leaked data archives included email screenshots, EMA referee comments, also as Word, PDF, PowerPoint documents.
Below may be a screenshot of 1 of the info leaks seen at the time, linking to archives containing the altered documents stolen during the EMA attack.
As the screenshot shows, the intent of the threat actor behind the leak was to spotlight that the Pfizer COVID-19 vaccine was fake, confirming EMA’s disclosure that the leaked documents were manipulated with the aim of weakening trust within the vaccines.
Following the December attack, the agency disclosed that it launched a joint investigation together with enforcement and a number of other other relevant entities.
Pfizer and BioNTech jointly disclosed that some COVID-19 documents concerning the regulatory submission stored on EMA’s servers were accessed by the threat actors behind the cyberattack.
EMA later revealed that the investigation shows that only a limited number of documents linked to the BNT162b2 COVID-19 vaccine candidate were accessed without authorization during the incident.
EMA also discovered that the info breach was limited to one IT app, with the threat actors behind this attack primarily targeting data associated with COVID-19 vaccines and medicines.
An EMA spokesperson wasn’t immediately available for comment when contacted by an interviewer earlier today.