Biopharmaceutical firm Supernus Pharmaceuticals hit by Hive ransomware during an ongoing acquisition

Biopharmaceutical company Supernus Pharmaceuticals discloses a ransomware attack, the Hive ransomware claims to have stolen company data.

Biopharmaceutical company Supernus Pharmaceuticals confirmed it was the victim of a data breach after a ransomware attack that hit the firm last in Mid-November. The Company states that the security breach did not impact its operations, it notified government authorities and engaged cybersecurity experts and its outside law firm to respond to the incident. Supernus Pharmaceuticals also declared to have successfully recovered the encrypted files and has taken additional security measures to prevent future incidents.

“Supernus Pharmaceuticals, Inc. (NASDAQ: SUPN), a biopharmaceutical company, today announced that it was the recent target of a ransomware attack. The attack had no significant impact on the business and did not cause any serious disruption to the Company’s operations. The Company continues to operate without interruption and does not currently anticipate paying any ransom amounts to any criminal ransomware group.” reads the press release published by the company.

The company is a leading biopharmaceutical firm with more than 30 years of experience in developing and commercializing products that treat central nervous system (CNS) diseases.

The Hive ransomware gang claimed responsibility for the attack and published the following message on its dark web leak site:

“On 11.14.2021 SUPERNUS’s network was compromised, encrypted and 1.5 terabytes of data were exfiltrated. Since then Supernus Inc. was in constant negotiations to prevent a disclosure of this incident because of pending acquisition of ADAMAS PHARMACEUTICALS, INC. On Nov. 24 SUPERNUS INC. filed this document https://sec.report/Document/0001104659-21-143352/. The document has not an information about the breach. SUPERNUS partners and consumers have to be aware about company’s unethical behavior.”

The Hive operators claim to have stolen 1,5TB of data, they also pointed out that the leak of the stolen info could have a serious impact on the ongoing acquisition of ADAMAS PHARMACEUTICALS, INC.

The company added that it has not paid any ransomware.

“To date, the Company has not paid any ransom and has been able to restore all of the information encrypted by the criminal ransomware group.” concludes the press release. “Although to date the Company’s business and operations have not been significantly impacted by the incident, there is no assurance that further attacks may not significantly impact the Company’s business or operations and that information improperly obtained by the criminal ransomware group may not be exploited by the criminal ransomware group or other third parties. The Company will take appropriate action to protect any stolen confidential information and will continue to investigate the incident and monitor the situation going forward.”

On Friday, the company filed an 8-K Form with the SEC that also reports the ransomware attack.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Supernus Pharmaceuticals)

[adrotate banner=”5″]

[adrotate banner=”13″]