FulcrumSec Hits Novo Nordisk for 1.3TB, $25M Refused
Key insights
- FulcrumSec breached Novo Nordisk via a GitHub access token in March, claiming to have extracted 1.3 terabytes across 700,000-plus files.
- Novo Nordisk confirmed hackers accessed internal IT systems and data associated with clinical trials, but stated patient identity was not exposed.
- FulcrumSec's $25 million ransom demand failed; the group now threatens to release stolen data including private AI models and drug pipeline IP.
Why this matters
A 1.3TB pharmaceutical breach that allegedly includes private AI models and proprietary drug pipelines marks a new category of IP risk, where machine-learning assets become high-value exfiltration targets alongside traditional research data. The GitHub access token vector highlights that developer tooling is one of the highest-leverage pivot points for attackers in R&D-heavy organizations, yet it is consistently underweighted in security audits relative to network perimeter controls. If FulcrumSec releases or sells the Dicerna RNAi pipeline and proprietary compound structures, competitors and state actors gain direct access to years of Novo Nordisk's drug discovery work without the underlying investment.
Summary
FulcrumSec claims it breached Novo Nordisk in March using a GitHub access token, cloning company repositories and locating additional credentials to exfiltrate approximately 1.3 terabytes across 700,000-plus files.
The haul allegedly includes undisclosed drug programs, proprietary compound structures, the Dicerna RNAi pipeline, and private AI models. Novo Nordisk has acknowledged hackers accessed internal IT systems and exfiltrated data associated with clinical trials, but stated that patient identity was not exposed.
Essentially, FulcrumSec and Novo Nordisk are at a standoff, with pharmaceutical IP and AI models as the leverage.
- FulcrumSec demanded $25 million, Novo Nordisk declined, and the group now threatens to release the stolen data.
- A list of 700,000-plus files is offered as evidence of the breach scope.
- Novo Nordisk had not appeared on FulcrumSec's leak site as of publication.
A confirmed release would put drug discovery pipelines and private AI models directly into adversarial hands.
Potential risks and opportunities
Risks
- Novo Nordisk faces regulatory scrutiny if its clinical trial data notifications prove insufficient under GDPR or FDA guidelines, given the confirmed exfiltration from internal systems
- FulcrumSec could sell proprietary compound structures and the Dicerna RNAi pipeline to competing pharmaceutical firms or state-sponsored researchers, directly eroding Novo Nordisk's drug pipeline value
- Other biotech and pharmaceutical companies relying on GitHub for repository management face copycat attacks targeting access tokens after FulcrumSec publicizes this intrusion vector
Opportunities
- GitHub secrets-scanning and access-control vendors (GitGuardian, Cycode, Legit Security) gain a high-profile case study to accelerate enterprise sales in pharmaceutical and biotech sectors
- Pharmaceutical sector cyber insurers will likely reassess IP coverage terms for R&D-heavy organizations, creating repricing opportunities for insurers with drug-pipeline IP expertise
- Incident response firms with pharmaceutical sector experience gain leverage as Novo Nordisk and peer companies audit GitHub access controls and repository permissions following this disclosure
What we don't know yet
- Whether Novo Nordisk has mapped the full scope of the GitHub access token's reach across internal repositories beyond what FulcrumSec disclosed
- How FulcrumSec plans to release or sell the data, given that Novo Nordisk had not appeared on the group's leak site as of June 16, 2026
- Whether the confirmed exfiltration of clinical trial data triggers mandatory regulatory notifications under GDPR or FDA guidelines beyond what Novo Nordisk has publicly stated
Originally reported by securityweek.com
Original headline: FulcrumSec Claims 1.3TB Theft From Novo Nordisk Including Private AI Models — $25M Ransom Refused, Private Data Sales Threatened