Pfizer and BioNTech said documents related to their Covid-19 vaccine were exposed during a cyberattack on the European Medicines Agency.
Vaccine makers said on Wednesday documents relating to the regulatory submission had been “illegally viewed” on the EMA’s server. The regulator had earlier Wednesday disclosed that he had been “the subject of a cyberattack” and declared that he was opening a full investigation and collaborating with law enforcement.
“It is important to note that no BioNTech or Pfizer systems were violated in connection with this incident and we do not know that study participants were identified from the data consulted,” the companies said in a report. communicated.
“The EMA has assured us that the cyber attack will have no impact on the timing of its review,” they added.
It was not possible to immediately determine which documents had been consulted, or whether other drug manufacturers had been affected. The EMA has been conducting continuous reviews of vaccine candidates for months, including those manufactured by Moderna, AstraZeneca and the University of Oxford.
Continuous reviews are a type of expedited assessment whereby drug manufacturers submit data, including safety and efficacy data, as it becomes available, rather than in an aggregate one time. Proprietary information such as intellectual property is generally not shared.
Earlier this year, the United States and the United Kingdom warned that state-sponsored hackers in China and Russia were targeting pharmaceutical and academic research groups developing coronavirus treatments and vaccines, in this which has been dubbed an “intellectual property war”.
In July, the United States accused two Chinese hackers targeting US companies researching coronaviruses with the theft of trade secrets.
Last week, IBM researchers said they found cyber attackers targeting the cold supply chain to deliver the Covid-19 vaccines, the assessment that this was likely a campaign supported by a nation-state.
“Virtually every actor in nation states has been targeting vaccine information since the onset of the pandemic, so it’s not at all surprising,” said Dmitri Alperovitch, co-founder of cybersecurity group CrowdStrike who now heads the pandemic. Silverado Policy Accelerator think tank. . The motives of the attackers were “very likely to gather intelligence on the efficacy and safety of vaccines,” he said.
This type of information, however, “will be public shortly,” he added.
The Amsterdam-based drug regulator has said it will consider approval of the Pfizer / BioNTech vaccine by December 29, which is about a week behind the plans discussed. at the end of last month.
Member states urged the agency, which oversees the approval of all countries in the European Union, to align with the approval timelines of the United Kingdom and the United States. The UK has approved the Pfizer / BioNTech vaccine, as have Bahrain and Canada, while an FDA advisory group is due to meet on Thursday to discuss whether to recommend that it receive authorization for use of the vaccine. ’emergency.
The EMA did not respond to an after-hours request for comment.
Additional reporting by Hannah Murphy