In December 2020 the European Medicines Agency (EMA) announced that in the course of a successful attack on its network, some sensitive data had been tapped. These included documents from the pharmaceutical companies Pfizer and Biontech, which were in connection with the two companies’ application for approval of their vaccine against the corona virus.

Last week, the EMA announced in an update on the cyberattack that some of the copied documents – internal, confidential email correspondence from November 2020 – apparently published on the Internet. Before the leak, the attackers had also manipulated the data in a way “that could undermine trust in vaccines”. Pfizer and Biontech do not explicitly name the EMA in the update. However, she writes that the leaked email correspondence was in connection with the evaluation process of corona vaccines.

Further information on the leak and the suggested manipulation of the Information cannot be found in the EMA notification. The Authority emphasizes very strongly that the urgency to make vaccines available to EU citizens as quickly as possible has no impact on the high quality standards and the course of the approval process: “Despite this urgency, there has always been consensus across the EU not to compromise the high-quality s standards and to base any recommendation on the strength of the scientific evidence (.. .), and nothing else. ”

Leak possibly already in December After the EMA announcement was published, several media outlets pointed to earlier, previously neglected finds by two IT security companies. At the end of December, for example, the company Cyble published a blog entry with screenshots from a Russian underground forum in which data allegedly leaked by the EMA had been published: “Astonishing fraud! Evil Pfizer! Fake vaccines!”, According to the forum posting. Cyble’s contribution contains some quite authentic-looking screenshots of the login area to an internally used EMA information portal as well as partly defaced emails with EMA and Pfizer addresses.

According to Bloomberg , the Italian security firm Yarix reported its own discovery of leaked documents directly to the Italian security authorities shortly before the latest EMA report was published has been. Descriptions by the Yarix CEO to Bloomberg, such as screenshots of a secure EMA communications portal in a post, largely coincide with the information provided by Cyble in December. So far, however, the EMA has not commented explicitly on the reports of the security researchers. Your own investigations into the attack and data leak are still ongoing.

(ovw)