Novo Nordisk announced on June 12 that it experienced a cybersecurity breach involving unauthorized access to personal data of some clinical trial participants. The company stated in a news release that only a limited amount of information was affected and emphasized that the accessed data were not directly linked to any patients by name or other direct identifiers.
According to Novo Nordisk, the compromised information includes sex, year of birth, biomarkers, lifestyle factors, and patient IDs. These IDs are random letters and numbers used after anonymization to identify trial participants. The company said the breach should not enable any third party to identify participants in its clinical trials.
Novo Nordisk urged those involved in its studies to remain vigilant and report anything unusual that could be linked to the incident. The company has launched an investigation with help from cybersecurity experts and has taken steps such as temporarily deactivating certain internal systems. Details about which systems were affected or how these measures might impact patient experience were not provided.
The announcement comes during a period of intense competition between Novo Nordisk and Eli Lilly in the obesity drug market. While Novo's oral Wegovy pill recently reached one million patients within 16 weeks of launch, bringing in around $355 million in first quarter sales, Eli Lilly's Foundayo also received approval earlier this year. CEO Maziar Mike Doustdar said last month that Wegovy is “off to a record-breaking start in the U.S.,”
In recent years, both companies have seen significant revenues from their GLP-1 franchises for diabetes and weight management drugs.
