Hackers claim to have stolen Ozempic maker's data, AI models
What's the story
FulcrumSec, a cyber extortion group that emerged in October 2025, has claimed responsibility for a major data breach at pharmaceutical giant Novo Nordisk. The hackers claim to have stolen over a terabyte of data from the company after their $25 million ransom demand went unanswered. They say they spent more than two months inside the company's systems and are now considering selling portions of the stolen data.
Data details
What data has been stolen?
The stolen data, according to FulcrumSec, includes the company's source code, proprietary information on both released and unreleased drugs, trial data, and personal information of employees, doctors, and patients. It also contains details about the company's processing facilities and internal AI model information. A spokesperson for Novo Nordisk confirmed they are aware of claims that such data has been published online without authorization from their systems.
Company statement
Novo Nordisk is in contact with relevant authorities
In light of the data breach, Novo Nordisk said it is taking the matter seriously and continues to operate its main platforms. The company is in contact with relevant authorities over this issue. FulcrumSec claims that after their initial contact on June 1, representatives from Novo Nordisk reached out on June 3 using a random Proton Mail address for verification purposes.
Data sale
FulcrumSec now exploring private sales for some data
FulcrumSec has said it would prefer not to sell the stolen data, "as open sourcing it is a more effective deterrent for future companies to avoid paying." However, after Novo Nordisk refused to pay the ransom, they are now "exploring private sales" for some of the data related to certain drugs and other internal information. The group has also promised not to share some of the sensitive information such as details on thousands of company employees and physicians.
Strategy explanation
FulcrumSec promises to withhold some data
FulcrumSec has also promised to withhold data related to operational technology and software used at Novo Nordisk's production facilities as part of its "harm-reduction strategy." This comes as the Danish company is known for its treatments for obesity and diabetes, particularly Wegovy and Ozempic. The group claims it gained access to Novo Nordisk's network in March and shared correspondence with the company starting June 1.