The European Medicines Agency (EMA) today revealed that some of the Pfizer/BioNTech COVID-19 vaccine data stolen from its servers in December was leaked online.
EMA is a decentralized agency responsible for reviewing and approving COVID-19 vaccines, as well as for evaluating, monitoring, and supervising any new medicines introduced to the EU.
"The ongoing investigation of the cyberattack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines and vaccines belonging to third parties have been leaked on the internet," EMA said today. "Necessary action is being taken by the law enforcement authorities."
"The Agency continues to fully support the criminal investigation into the data breach and to notify any additional entities and individuals whose documents and personal data may have been subject to unauthorized access."
EMA also said that European medicines regulatory network is fully functional and COVID-19 evaluation and approval timelines are not affected by the incident.
On December 31st, BleepingComputer became aware of threat actors leaking what they claimed was the stolen EMA data on several hacker forums. Below is a screenshot of one of the leaks seen by BleepingComputer at the time.
The hacked files show that the clinical vaccines had 78% RNA integrity which dropped to only 55% in the commercial batches: