Data Breach

Alleged docs relating to Covid-19 vaccine leaked in darkweb

Experts from threat intelligence firm Cyble have found documents relating to Covid-19 vaccine of European Medicines Agency in the Darkweb

Security experts from threat intelligence firm Cyble have found several documents relating to the Covid-19 vaccine allegedly stolen from the European Medicines Agency (EMA) leaked in the Darkweb.

While the pandemic is spreading on a global scale, threat actors continue to target government organizations and entities in the pharmaceutical industry.

In early December, the European Medicines Agency (EMA) announced a cyber attack that has targeted it. The EMA did not provide technical details about the attack, nor whether it will have an impact on its operations while it is evaluating and approving COVID-19 vaccines.

“EMA has been the subject of a cyberattack. The Agency has swiftly launched a full investigation, in close cooperation with law enforcement and other relevant entities.” reads the EMA’s announcement.

“EMA cannot provide additional details whilst the investigation is ongoing. Further information will be made available in due course.”

At the time of this writing, it is not clear whether the cyber attack was successful, either when it took place. The agency confirmed to have launched an investigation into the incident.

The European agency plays a crucial role in the evaluation of COVID-19 vaccines across the EU, it has access to sensitive and confidential information, including quality, safety, and effectivity data resulting from trials.

In the last months, security experts reported the surge of the illegal market for Covid-19 vaccines on the Darkweb market.

Recently, Cyble started tracking documents being shared on one of the Russian-speaking forums. The links to the documents have been shared by a newly created profile which was used only for the alleged data leak.

“During the assessment of data, our researchers noticed that multiple confidential files, including MoMs, assessment reports, confidential emails, login portal links and images of its internal pages were accessed and leaked.” reported the analysis published by Cyble.  

The experts shared screenshots of the internal email where the portal link was shared, the login page for the portal to access the reports, and images of internal pages.

The documents also include the alleged assessment report of COVID-19 vaccine along with the summary report of drug release and stability.

Below a list of security measures that organizations can adopt to counter the impact of cyberattacks targeting the COVID-19 vaccine supply chain. 

  • Validating third-parties and ensuring that they have the necessary level of cyber defences
  • Never clicking on unverified/unidentified links
  • Refraining from opening email attachments before validating their authenticity
  • Using security software and keeping it updated
  • Training employees on cybersecurity through cyber literacy programs
  • Periodically conducting third-party/suppliers risk assessment

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, COVID-19 vaccine)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

American fast-fashion firm Hot Topic hit by credential stuffing attacks

Hot Topic suffered credential stuffing attacks that exposed customers' personal information and partial payment data.…

2 hours ago

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

16 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

23 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

2 days ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

This website uses cookies.