Investigations into the attack on the European Medicines Agency (EMA) that occurred in December are still ongoing. It has now been revealed that the information accessed about the Pfizer and BioNTech vaccine has been leaked by the threat actors responsible for the breach. Although there are many details still unknown, including the attack timeframe, initial point of compromise and what data was accessed, the EMA is notifying those that may have had their information accessed. Fortunately, Pfizer and BioNTech have not been breached as a secondary attack and the EMA’s servers and vaccine approval processes are not affected. It’s unclear why the attackers decided to leak the information they have if it’s not detrimental to the vaccine’s rollout. It is very possible it was leaked simply as a means of verification with others in their community, unless they have more information than they’re letting on.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in