United States drugmaker Pfizer and its German partner BioNTech said on Wednesday that documents related to their development of a COVID-19 vaccine had been “unlawfully accessed” in a cyberattack on Europe’s medicines regulator.
The European Medicines Agency (EMA), responsible for assessing and approving medicines and vaccines for the European Union (EU), said hours earlier that it had been targeted in a cyberattack. It gave no further details.
Pfizer and BioNTech said they did not believe any personal data of trial participants had been compromised and EMA “has assured us that the cyberattack will have no impact on the timeline for its review.”
It was not immediately clear when or how the attack took place, who was responsible or what other information may have been compromised.
A spokeswoman for BioNTech declined further comment. Pfizer did not immediately respond to a request for further comment.
The two companies said they had been informed by the EMA “that the agency has been subject to a cyberattack and that some documents relating to the regulatory submission for Pfizer and BioNTech’s COVID-19 vaccine candidate … had been unlawfully accessed.”
They added that “no BioNTech or Pfizer systems have been breached in connection with this incident and we are unaware that any study participants have been identified through the data being accessed.”
The Pfizer-BioNTech development is among the top contenders in a global race to roll out a vaccine for COVID-19. It is already being administered in the United Kingdom, which last week gave the vaccine approval for emergency use.
But the Pfizer-BioNTech vaccine is still being studied by the EU. The EMA has said it would complete its review by December 29, although it has said its schedule may be subject to change.
The EMA gave few details about the attack in its earlier statement, saying only that it was investigating the incident with help from law enforcement.
“EMA cannot provide additional details whilst the investigation is ongoing. Further information will be made available in due course,” it said in a statement.
Hacking attempts against healthcare and medical organisations have intensified during the COVID-19 pandemic as attackers ranging from state-backed spies to cybercriminals scramble to obtain the latest information about the outbreak.
Reuters news agency has previously documented how hackers linked to North Korea, Iran, Vietnam, China and Russia have on separate occasions been accused of trying to steal information about the virus and its potential treatments.