Home > Security > Security News

Hackers Claim 1TB Data Theft from Wegovy and Ozempic Maker Novo Nordisk, Demand $25 Million 

Published
Written by:
Lore Apostol
Lore Apostol
Cybersecurity Writer
data breach
Summarize with:
ChatGPT logo ChatGPT Claude.ai logo Claude.ai Google AI logo Google AI Grok logo Grok Perplexity logo Perplexity
Google logo Add as preferred source on Google
Key Takeaways
  • Massive Theft Claimed: FulcrumSec says it stole more than a terabyte of data from Novo Nordisk, the Wegovy and Ozempic maker.
  • Ransom Refused: The group demanded $25 million, which Novo Nordisk says it declined to pay.
  • Two Attacks: The company was reportedly hit by two separate threat actors this year.

A cyber extortion group called FulcrumSec claims to have stolen more than 1 terabyte of data from pharmaceutical giant Novo Nordisk, known for obesity and diabetes treatments Wegovy and Ozempic. The gang demanded $25 million, a sum the company refused to pay.

The group, which emerged in October 2025, said it spent more than two months inside the company's networks.

What FulcrumSec Claims to Have Stolen

A spokesperson said the company is aware of claims that data allegedly copied externally without authorisation has been published online, but the authenticity of the data breach could not immediately be verified, according to Reuters. The group said the haul includes:

Novo Nordisk disclosed an “IT Security Incident” | Source: novonordisk.com 
Novo Nordisk disclosed an “IT Security Incident” | Source: novonordisk.com 

FulcrumSec said it is now exploring private sales for some data after the refusal. The group stated it would not share data on thousands of employees and physicians and roughly 11,500 pseudonymized clinical trial patients. It would also withhold data on operational technology at Novo Nordisk production facilities.

Novo Nordisk disclosed a cybersecurity incident on June 11, saying it involved unauthorized access to a limited number of internal IT systems that included access to certain personal data, including:

Two Compromise Reports

FulcrumSec told the DataBreaches.net blog on June 15 it gained access in March and shared purported correspondence listing more than 700,000 files, roughly 1.3 terabytes. 

On June 16,  a new report talked about a second threat actor identified as TheUSERS007. VX-Underground reported separately about an unnamed hacker compromising Novo Nordisk.

The spokesperson said the company takes the matter seriously, maintains continued operations of its main platforms, and is in contact with relevant authorities.

In other recent news, a hacker claimed a Nintendo data breach, allegedly stealing approximately 860 MB via TINYpulse systems.

Add a Comment
Related
Kodak Confirms Data Breach Following ShinyHunters Claims of 2.2 Million Records Theft
Microsoft Teams Logo
DragonForce Exploits Microsoft Teams Relays via Backdoor.Turn
football stadium
FIFA World Cup API Authorization Bug Let Anyone Hijack the Live TV Stream
Microsoft - Phishing - Crack
EvilTokens: PhaaS Kit Abusing OAuth Device Code Flow on Microsoft 365
Data Breach
iRhythm Holdings Discloses Third-Party Data Breach via Social Engineering
ShinyHunters Claims 297 GB Council of Europe Data Breach
Most Popular
Kodak Confirms Data Breach Following ShinyHunters Claims of 2.2 Million Records Theft
Microsoft Teams Logo
DragonForce Exploits Microsoft Teams Relays via Backdoor.Turn
football stadium
FIFA World Cup API Authorization Bug Let Anyone Hijack the Live TV Stream
UK Government Signals Possible VPN Restrictions Ahead of Social Media Ban for Under-16s
UK Government Signals Possible VPN Restrictions Ahead of Social Media Ban for Under-16s
Microsoft - Phishing - Crack
EvilTokens: PhaaS Kit Abusing OAuth Device Code Flow on Microsoft 365
When Third-Party Content Appears Inside ChatGPT Responses, Trust Gets Transferred Unintentionally
Kodak Confirms Data Breach Following ShinyHunters Claims of 2.2 Million Records Theft
DragonForce Exploits Microsoft Teams Relays via Backdoor.Turn
FIFA World Cup API Authorization Bug Let Anyone Hijack the Live TV Stream
UK Government Signals Possible VPN Restrictions Ahead of Social Media Ban for Under-16s
EvilTokens: PhaaS Kit Abusing OAuth Device Code Flow on Microsoft 365
When Third-Party Content Appears Inside ChatGPT Responses, Trust Gets Transferred Unintentionally

Most Popular
Kodak Confirms Data Breach Following ShinyHunters Claims of 2.2 Million Records Theft
Microsoft Teams Logo
DragonForce Exploits Microsoft Teams Relays via Backdoor.Turn
football stadium
FIFA World Cup API Authorization Bug Let Anyone Hijack the Live TV Stream
UK Government Signals Possible VPN Restrictions Ahead of Social Media Ban for Under-16s
UK Government Signals Possible VPN Restrictions Ahead of Social Media Ban for Under-16s
Microsoft - Phishing - Crack
EvilTokens: PhaaS Kit Abusing OAuth Device Code Flow on Microsoft 365
When Third-Party Content Appears Inside ChatGPT Responses, Trust Gets Transferred Unintentionally
Kodak Confirms Data Breach Following ShinyHunters Claims of 2.2 Million Records Theft
DragonForce Exploits Microsoft Teams Relays via Backdoor.Turn
FIFA World Cup API Authorization Bug Let Anyone Hijack the Live TV Stream
UK Government Signals Possible VPN Restrictions Ahead of Social Media Ban for Under-16s
EvilTokens: PhaaS Kit Abusing OAuth Device Code Flow on Microsoft 365
When Third-Party Content Appears Inside ChatGPT Responses, Trust Gets Transferred Unintentionally

TechNadu keeps you informed with the latest in cybersecurity, VPNs, and technology. From expert guides to in-depth reviews, we provide the knowledge you need to stay secure and connected in the digital world.

© 2026 TechNadu. All Rights Reserved. TechNadu is a part of Leaprove Media LLP.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: