[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fiwlBz8PAxeKn7JG52sVV1Z2zcBdYBsNzwAa0WcUnzhU":3},{"article":4,"iocs":53},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":30,"category":31,"article_tags":35},"1c92683f-d3ff-40cc-8fdb-acb38ecfffac","Cybercrime Group Claims Novo Nordisk Hack","cybercrime-group-claims-novo-nordisk-hack-b529d8","The hack-and-leak group FulcrumSec claims to have stolen 1.3TB of data from the pharmaceutical giant. The post Cybercrime Group Claims Novo Nordisk Hack appeared first on SecurityWeek.","The hack-and-leak group FulcrumSec claims to have breached Danish pharmaceutical giant Novo Nordisk, stealing approximately 1.3 terabytes of data. The group alleges the breach occurred in March via a compromised GitHub access token, leading to the exfiltration of intellectual property, including drug programs and AI models. FulcrumSec demanded a $25 million ransom, which failed, and now threatens to leak the data.","FulcrumSec claims Novo Nordisk hack, exfiltrating 1.3TB of sensitive data.","The hack-and-leak group FulcrumSec has claimed responsibility for hacking the Danish pharmaceutical giant Novo Nordisk. The incident was disclosed late last week, when the company warned patients that hackers had accessed its internal IT systems and exfiltrated certain data associated with clinical trials. According to the pharma giant, the stolen information was pseudonymized and could not be directly linked to patients by name or identifiers. “Knowledge of patient identity would require access to further information, which was not part of the incident,” the company said. While no known cybercrime group has publicly claimed responsibility for the attack, FulcrumSec contacted DataBreaches to boast about hacking Novo Nordisk. The group claims to have hacked the company in March through a GitHub access token that allowed it to clone Novo Nordisk repositories and find additional credentials.Advertisement. Scroll to continue reading. FulcrumSec said it stole roughly 1.3 terabytes of data from the pharma giant and provided a list of over 700,000 files as proof. It also provided detailed information on the type of data allegedly stolen from the company, which appears to include intellectual property such as undisclosed drug programs, proprietary compound structures, the Dicerna RNAi pipeline, private AI models, and other data. FulcrumSec also shared some of its correspondence with Novo Nordisk, which included stolen credentials as proof of possession. The hacking group demanded a $25 million ransom, but the extortion attempt failed, and the hacking group is now threatening to leak the stolen data. At the time of publication, however, Novo Nordisk has not been listed on FulcrumSec’s Tor-based leak site. Related: French Government Messaging Platform Breached by Mysterious ‘Misere’ Hacker Related: ShinyHunters Claims Council of Europe Hack Related: University of Nottingham Confirms Breach After Hackers Leak Data Related: Hackers Leak DentaQuest Information Impacting 2.6 Million Written By Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights. More from Ionut Arghire Tech Coalition ‘Athena’ Targets OSS Vulnerabilities Ahead of DisclosureNewCore Emerges From Stealth Mode With $66 Million in FundingUkrainian Man Pleads Guilty in US to Conti Ransomware ChargesShinyHunters Claims Council of Europe HackFBI, Google Dismantle ‘Outsider Enterprise’ Phishing ServiceNPM 12 Will Change Script Execution Behavior to Prevent Supply Chain AttacksIranian Cyber Group Handala Claims Cal Water HackIvanti Sentry Exploitation Attempts Hitting Honeypots Latest News Magnitude Emerges From Stealth Mode With $10 Million in FundingAI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to AskEndpoint Security Startup Ent Emerges From Stealth With $100 Million Seed RoundCan CISOs Trust Their Applications? TrustCloud Wants to Replace the QuestionnaireCal Water Investigating Iranian Hackers’ ClaimsWhite House Issues Memo to Bolster NSS CybersecurityAtomic Arch Supply Chain Attack Hits 1,500 AUR PackagesCybersecurity Executives Urge the Trump Administration to Ease Restrictions on Anthropic AI Models Trending Daily Briefing NewsletterSubscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: How Modern Breaches Bypass MFA and Evade Detection June 17, 2026 Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes. Register Webinar: Modern Exposure Validation in the AI Era June 24, 2026 AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program. Register People on the MoveStephen Garcia has been named Chief Information Security Officer at BreachRx.Kasper Lindgaard has been appointed Vice President of Security Strategy at CoreView.Chaim Mazal has been named Chief Information Security Officer at GitLab.More People On The MoveExpert Insights After AI Reaches Production: 12 Ways Security Teams Can Take Control Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production. (Joshua Goldfarb) Everybody Is Vibe Coding But Nobody Told the Security Team AI-driven development is not something organizations can or should block. But it must be governed. (Danelle Au) The Zero-Knowledge Threat Actor and the End of Responsible Disclosure AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code. (Etay Maor) Raising the Cybersecurity Stakes: Ante up for the Agentic Era CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale. (Nadir Izrael) Caught Off Guard: Securing AI After It Hits Production As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode. (Joshua Goldfarb) Flipboard Reddit Whatsapp Whatsapp Email","https:\u002F\u002Fwww.securityweek.com\u002Fcybercrime-group-claims-novo-nordisk-hack\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2026\u002F06\u002FNovo-Nordisk.jpeg","2026-06-16T12:32:27+00:00","2026-06-16T14:00:10.045815+00:00",7,[18,21,24,27],{"name":19,"type":20},"FulcrumSec","threat_actor",{"name":22,"type":23},"Novo Nordisk","vendor",{"name":25,"type":26},"GitHub","product",{"name":28,"type":29},"Dicerna RNAi pipeline","campaign","2e06f76c-d5b9-4f54-9eef-4d3447b10730",{"id":30,"icon":32,"name":33,"slug":34},null,"Breaches","breaches",[36,41,43,48],{"category":37},{"id":38,"icon":32,"name":39,"slug":40},"26b0b636-0e31-4db1-bffb-61bdf9f20a58","Supply Chain","supply-chain",{"category":42},{"id":30,"icon":32,"name":33,"slug":34},{"category":44},{"id":45,"icon":32,"name":46,"slug":47},"6cbdd207-aaa1-4176-9534-e156b125e917","Nation-state","nation-state",{"category":49},{"id":50,"icon":32,"name":51,"slug":52},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[54],{"type":55,"value":56,"context":57},"domain","github.com","Initial access vector claimed via GitHub access token"]