Hackers Target Moderna Vaccine Data Through Cyberattack on EMA

Moderna has revealed that it was impacted by last week’s cyberattack on the European Medicines Agency (EMA), during which hackers compromised agency computer systems and accessed vaccine regulatory submission documents for Pfizer/BioNTech’s and Moderna’s COVID-19 vaccines.

This week, Moderna said the EMA warned it that hackers had illegally accessed “certain documents exchanged in the context of the pre-submission discussions” for its coronavirus vaccine, mRNA-1273. The U.S.-based drugmaker said it is awaiting more details about the cyberattack from the European regulator.

The company stressed that the hackers do not appear to have obtained any information about individual study participants, as the submission document did not include such data, and there is no evidence of its own data and computer systems being compromised in the attack.

Last week’s cyberattack on the EMA also successfully accessed information regarding Pfizer/BioNTech’s regulatory submission for their COVID-19 vaccine, BNT162b2. The agency, while it admitted to being hacked, did not divulge what exactly the hackers stole, only saying that it “swiftly launched a full investigation, in close cooperation with law enforcement and other relevant entities” and will provide further information at a later date (DID, Dec. 10).

BioNTech released a statement last week, saying it was informed by the EMA that the regulator was targeted by cyberattackers and that “some documents” related to BNT162b2 had been “unlawfully accessed.”

The German drugmaker stressed that “no BioNTech or Pfizer systems have been breached in connection with this incident and we are unaware that any study participants have been identified through the data being accessed.”

Microsoft recently issued a warning that cyberattacks are being mounted by hacker groups in Russia and North Korea against companies researching COVID-19 vaccines and treatments, imploring governments to take action (DID, Dec. 11).

In July, the Department of Justice indicted two Chinese hackers on charges of attempting to steal COVID-19 vaccine research data from three U.S. biotech firms (DID, July 22).

That same month, the UK’s National Cyber Security Centre announced that a Russian hacker group “almost certainly part of the Russian intelligence services” was trying to steal vaccine research and development information through the use of malware (DID, July 17).

The Pfizer/BioNTech two-dose vaccine has received emergency clearance in the U.S., the UK, Canada and elsewhere and is currently being administered to frontline healthcare workers and elderly patients. The EMA is expected to make a decision on authorizing the Moderna vaccine in the EU soon and has moved its advisory committee meeting ahead by one week to Dec. 21.

Moderna’s two-dose shot is being reviewed today by the FDA’s vaccines advisory committee and is expected to be recommended for Emergency Use Authorization. Should that occur, the FDA could clear the vaccine as soon as Friday, and distribution could begin over the weekend, with vaccinations potentially starting Monday. — James Miessler