Hacking Group Claims Massive Data Theft from Novo Nordisk, Demanded $25 Million

A hacking group called FulcrumSec says it broke into the computer systems of Novo Nordisk, one of the world's biggest drug companies, and stole more than a terabyte of private data. The group then demanded $25 million to keep the data secret, but Novo Nordisk refused to pay. Now FulcrumSec says it may sell parts of the stolen information to others. Novo Nordisk makes well-known medicines like Ozempic and Wegovy, which are used to treat diabetes and obesity.

FulcrumSec posted a long message on its website claiming it spent more than two months secretly inside Novo Nordisk's computer networks. During that time, the group says it copied a huge amount of information, including company source code, details about released and unreleased drugs, data from medical trials, and personal information about employees, doctors, and patients. The group also says it grabbed information about the company's factories and internal computer programs powered by artificial intelligence. Reuters was not immediately able to confirm whether the stolen data was real.

Novo Nordisk, which is based in Denmark, confirmed that something happened. A company spokesperson said in an email that Novo Nordisk is aware of claims that data was allegedly copied from its systems without permission. The company said it is taking the situation seriously and has reached out to proper authorities. Novo Nordisk had first told the public about a cybersecurity problem on June 11, saying that a small number of its internal computer systems had been accessed without permission.

FulcrumSec says it first reached out to Novo Nordisk executives in early June. According to the group, company representatives responded about 48 hours later using a random Proton Mail email address. To prove the response was real, Novo Nordisk reportedly asked for specific files that only the company would know about. This back-and-forth showed that real negotiations took place between the two sides, even though they never reached a deal.

After Novo Nordisk refused to pay the $25 million demand, FulcrumSec said it is now exploring private sales for some of the data. The group said it would prefer not to sell the data at all, saying that releasing it publicly would be a stronger warning to other companies. FulcrumSec did say it would hold back certain sensitive data, including information on thousands of employees and doctors, and records related to about 11,500 patients from clinical trials. The group said it would also withhold data about factory equipment and sensors as part of what it called a harm-reduction strategy.

A cybersecurity expert who has followed FulcrumSec closely said the group should be taken seriously. Thomas Willkan, head of research at a firm called Lab-1, said FulcrumSec is usually quite reliable in terms of both its skills and its claims. FulcrumSec first appeared in October 2025, so it is a relatively new group. Despite being new, experts say it has shown it can carry out serious attacks.

A website called DataBreaches.net reported that FulcrumSec told them the group first got into Novo Nordisk's network back in March. The hackers reportedly shared a list of more than 700,000 stolen files, totaling about 1.3 terabytes of data. Separately, another website called VX-Underground reported that a different, unnamed hacker had also broken into Novo Nordisk. FulcrumSec said its attack has nothing to do with that other hacker, and the two incidents are separate events.