ADVERTISEMENT

Novo Nordisk hackers turn to private sale after Ozempic maker refuses $25M ransom demand

FulcrumSec, the hackers behind Novo Nordisk's recent cyberattack, claim the GLP-1 drugmaker refused a $25 million ransom demand and say they are now “exploring private sales” of 1.3TB of allegedly stolen data.

GLP-1, Novo Nordisk

Image by KK Stock | Shutterstock

Stefanie Schappert
Stefanie Schappert Senior Journalist
Jun 17, 2026 Updated: 17 June 2026 5 min read
Key takeaways:

Novo Nordisk confirms patient data breach

Novo Nordisk breach statement
Novo Nordisk disclosed an “IT Security Incident” involving unauthorized access to certain personal data. Image by Cybernews via novonordisk.com

Hackers turn to private sales after $25M ransom refusal

FulcrumSec Novo Norddisk leak post
FulcrumSec claims it stole 1.3TB of data from Novo Nordisk. FulcrumSec leak site. Image by Cybernews.
Novo Nordisk HQ
Novo Nordisk headquarters in Denmark. Image by Oleschwander | Shutterstock

Check if your data has been leaked

Find out if your email, phone number or related personal information might have fallen into the wrong hands.
18,611,353,922
Breached accounts
36,030
Breached websites

What the attackers claim to have stolen

hooded hacker
The hackers say they are now exploring private sales of allegedly stolen Novo Nordisk data. Image by GBJSTOCK | Shutterstock
ADVERTISEMENT
FulcrumSec Novo Nordisk hack proof
FulcrumSec claims compromising Novo Nordisk’s GitHub Personal Access Token (PAT) allowed them to “spider” throughout the company’s various cloud systems and access to “over a thousand private repositories.” FulcrumSec leak site. Image by Cybernews

Novo downplays patient data risk

  • Patient ID (random alphanumeric string) and information on trial participation
  • Sex
  • Year of birth
  • Biomarkers
  • Health/immunogenicity data
  • Lifestyle factors, e.g. smoking, alcohol use, BMI
medical patient records
Novo Nordisk says exposed clinical trial data may include biomarkers, health information, and lifestyle factors tied to study participants. Image by Tero Vesalainen | Shutterstock
Jurgita Lapienyte justinasv Izabele Pukenaite vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Add us as your Preferred Source on Google.

Who is FulcrumSec?

LexisNexisBreachForumspost
FulcrumSec claimed responsibility for the LexisNexis breach on BreachForums in March 2026. Image by Cybernews.
FulcrumSec leak site concept campiagns
FulcrumSec categorizes victims under themed "concept campaigns" such as The Hardcoded Horror Show and Index of Shame. Image by Cybernews

ADVERTISEMENT