Hackers 'manipulated' stolen COVID-19 vaccine data before leaking it online

European Medicines Agency says investigation into cyberattack has revealed the hackers have attempted to "undermine trust" in COVID-19 vaccines.
Written by Danny Palmer, Senior Writer

Hackers who stole information about COVID-19 vaccines in a cyberattack against the European Union's medical agency and then published it online also manipulated what they found in order to spread disinformation designed to undermine trust in vaccines.

In the latest update on the cyberattack that was first disclosed last month, the European Medicines Agency (EMA) has revealed how hackers accessed confidential internal emails from November about evaluation processes for COVID-19 vaccines.

The ongoing investigation found that some of the contents of those emails has been manipulated by those behind the attack in what appears to be an attempt to create mistrust with disinformation about vaccines.

SEE: Cybersecurity: Let's get tactical (ZDNet/TechRepublic special feature) | Download the free PDF version (TechRepublic)    

"Some of the correspondence has been manipulated by the perpetrators prior to publication in a way that could undermine trust in vaccines," said the update from the EMA.

It's uncertain who the perpetrators of the EMA cyberattack are or why exactly they've manipulated the documents to spread disinformation in an effort to undermine trust in the vaccines. Anti-vax conspiracy theories about coronavirus have been a problem for social media and the wider world since the start of the pandemic.

A previous update from the EMA disclosed that hackers accessed and stole COVID-19 vaccine data during the December attack. The intruders, who were specifically targeting data relating to COVID-19 medicines and vaccines gained access to the formation by breaching an undisclosed IT application.

"The agency continues to fully support the criminal investigation into the data breach. Necessary action is being taken by the law enforcement authorities," said the EMA statement.

The UK's National Cyber Security Centre, Microsoft and the World Health Organisation are among those which have issued warnings over hacking groups targeting healthcare, pharmaceuticals, universities and other organisations involved in COVID-19 vaccine development and distribution.


Editorial standards