The cyber extortion collective known as “FulcrumSec” has claimed responsibility for a massive cyberattack against pharmaceutical giant Novo Nordisk. The hackers allege they have successfully exfiltrated more than a terabyte of highly sensitive data from the company’s internal servers after Novo Nordisk refused to comply with a staggering $25 million ransom demand.
The Danish pharmaceutical titan, globally renowned for its blockbuster diabetes and weight-loss drugs Ozempic and Wegovy, previously acknowledged a cybersecurity breach on June 11, 2026. At the time, company officials characterized the breach as localized, involving unauthorized access to a limited number of internal IT systems and minor amounts of personal data, News.Az reports, citing Reuters.
FulcrumSec, a sophisticated hacking outfit that first appeared on the threat intelligence radar in October 2025, published a lengthy statement on its dark web leak site detailing the operation. The group claims its operatives spent more than two months quietly traversing Novo Nordisk’s networks undetected, starting in March.
According to the hackers, the stolen cache comprises approximately 700,000 individual files totaling roughly 1.3 terabytes of data. The group claims the stolen data cache includes:
Proprietary Formulae: Intellectual property and trade secrets regarding both currently released and unreleased experimental drugs.
Corporate Secrets: Internal software source code and proprietary artificial intelligence (AI) models used by the pharmaceutical giant.
Personal Data: Detailed records of corporate employees, healthcare professionals, and medical trial data.
Cybersecurity experts warn that the group’s technical capabilities should be taken seriously. Thomas Willkan, head of research at the cybersecurity firm Lab-1, noted that FulcrumSec has a proven track record of operational legitimacy, stating they are “usually quite legit in terms of both their capabilities and also their claims.”
A bizarre “harm-reduction strategy”
In an unusual twist, FulcrumSec announced it is initiating a “harm-reduction strategy” regarding how it handles the stolen material. The group stated it will actively withhold sensitive operational technology software—specifically programs used to control machinery and automated sensors at Novo Nordisk’s actual manufacturing facilities—to avoid physical disruption to drug production.
The hackers also claimed they will protect the specific medical records of roughly 11,500 clinical trial patients and thousands of physicians. Instead, because Novo Nordisk flatly refused to pay the $25 million extortion fee, the group announced it is actively exploring “private sales” to auction off the highly valuable proprietary drug data and corporate blueprints to competitors or the highest bidder.
Click Here For The Original Source.
