Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Novo Nordisk

Novo Nordisk Vendor Cyber Rating & Cyber Score

novonordisk.com

We’re not your typical healthcare company. In a modern world of quick fixes, we focus on solutions to defeat serious chronic disease and create long-term health. We seek out new ideas and put people first as we push the boundaries of science, make healthcare more accessible, and work to treat, prevent, and even cure diseases that affect millions of lives. Founded in Denmark in 1923, today we employ more than 68,800 people in 80 offices around the world – all united by our bold purpose to drive change to defeat serious chronic diseases. Want to learn more? Visit www.novonordisk.com. This page isn’t intended for discussions about products. As such, postings or comments that contain product discussions may be removed. This page is for


Novo Nordisk A.I CyberSecurity Scoring

Novo Nordisk
Company Information
Website:https://www.novonordisk.com
Employees number:62,361
Number of followers:2,888,009
NAICS:3254
Industry Type:Pharmaceutical Manufacturing
Homepage:novonordisk.com
Novo Nordisk Risk Score (AI oriented)
Between 650 and 699
logo
Novo NordiskPharmaceutical Manufacturing
Updated:
13/07/2026
674/1000
Weak
B
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Novo Nordisk Global Score (TPRM)
xxxx
logo
Novo NordiskPharmaceutical Manufacturing
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Novo Nordisk
Novo NordiskWeak
Current Score
674B (WEAK)
01000
5 incidents
-34 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
674Before Incident
JUNE 2026
741Before Incident
Ransomware
18 Jun 2026Novo Nordisk
Novo Nordisk: Ozempic Maker Novo Nordisk Hit by Massive Cyberattack, Hackers Claim Theft of 1.3TB Clinical Trial and AI Data

Novo Nordisk Hit by Major Ransomware Attack: 1.3TB of Sensitive Data Stolen

671After Incident
CRITICAL-70
NOV1781951217
Novo Nordisk Hit by Major Ransomware Attack: 1.3TB of Sensitive Data Stolen Pharmaceutical giant Novo Nordisk is grappling with a severe cybersecurity breach after the ransomware group FulcrumSec claimed to have stolen 1.3 terabytes of sensitive data, including clinical trial records, employee information, and proprietary AI models used in drug development. The hackers allege they infiltrated the company’s systems months ago, exfiltrating data tied to experimental treatments for diabetes, obesity, chronic kidney disease, and sickle cell disease. FulcrumSec has demanded a $25 million ransom, and after Novo Nordisk reportedly refused to pay, the group began leaking samples of the stolen data on its dark web site. Among the compromised files, the attackers claim to have obtained AI models, scientific imaging datasets, and internal research documents potentially exposing years of intellectual property. The breach allegedly occurred through exposed credentials and access tokens left unsecured in development systems, allowing the hackers to move laterally across internal platforms. While Novo Nordisk has acknowledged an IT security incident, it has not confirmed the full extent of the breach. The company stated it is working with authorities and prioritizing the protection of patient data, with its main operations remaining functional. This attack underscores a rising trend in cybercrime, where threat actors steal data before encrypting systems, leveraging the threat of public exposure to extort payments. For pharmaceutical firms, the stakes are particularly high, as stolen research and clinical trial data could be exploited by competitors or malicious actors.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial extortion, data theft for competitive or malicious exploitation
IMPACT
Data Compromised: 1.3TB of sensitive dataOperational Impact: Main operations remaining functionalBrand Reputation Impact: Potential reputational damage due to data exposureIdentity Theft Risk: Employee information compromised
DATA BREACH
Clinical trial recordsEmployee informationProprietary AI modelsScientific imaging datasetsInternal research documentsSensitivity Of Data: High (intellectual property, patient data, experimental treatments)Data Exfiltration: YesPersonally Identifiable Information: Employee information
JUNE 2026
771Before Incident
Breach
11 Jun 2026Novo Nordisk
Novo Nordisk: Novo Nordisk Probes Data Breach After Cybersecurity Incident

Novo Nordisk Data Breach Investigation

741After Incident
CRITICAL-30
NOV1781195765
Novo Nordisk Investigates Data Breach Following Unauthorized IT System Access Novo Nordisk, the Danish pharmaceutical company, disclosed on June 11 that it had detected a security incident involving unauthorized access to a limited number of its internal IT systems. The breach was identified earlier this week, prompting the company to launch an investigation with the support of external cybersecurity experts and in coordination with relevant authorities. As part of its response, Novo Nordisk temporarily took certain internal systems offline to contain the incident and is working to restore them securely. While the investigation remains ongoing, the company confirmed that non-public data including personal information was copied externally without authorization. Affected parties are being notified as appropriate. Despite the breach, Novo Nordisk stated that its core business operations remain unaffected and continue to function normally. The company has not disclosed further details on the scope of the exposed data or the identity of the threat actors involved.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Non-public data including personal informationSystems Affected: Limited number of internal IT systemsOperational Impact: Core business operations remain unaffected
DATA BREACH
Type Of Data Compromised: Personal information, non-public dataSensitivity Of Data: High (personal information)
JUNE 2026
773Before Incident
Vulnerability
01 Jun 2026Novo Nordisk
Oracle: CISA Warns of Two-Year-Old Oracle WebLogic Server Vulnerability Exploited in Attacks

Critical Oracle WebLogic Server Vulnerability (CVE-2024-21182) Actively Exploited

771After Incident
CRITICAL-2
ORA1780418023
Critical Oracle WebLogic Server Vulnerability (CVE-2024-21182) Actively Exploited The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-21182, a critical vulnerability in Oracle WebLogic Server, to its Known Exploited Vulnerabilities (KEV) catalog on June 1, 2026, following confirmed in-the-wild exploitation. The flaw affects Oracle WebLogic Server, a widely deployed enterprise Java application server used in both cloud and on-premise environments. The vulnerability is classified as an unauthenticated remote code execution (RCE) flaw, allowing attackers to exploit it without authentication via WebLogic’s T3 or IIOP protocols, which are commonly used for internal application communication. Successful exploitation could enable threat actors to bypass authentication controls, access sensitive data, or fully compromise affected systems, potentially leading to lateral movement, data exfiltration, or deployment of malicious payloads such as web shells or remote access trojans. While no specific threat actors or ransomware groups have been publicly attributed to these attacks, security researchers warn that the vulnerability could be rapidly adopted in financially motivated campaigns, given WebLogic’s history as a frequent target in ransomware intrusion chains. CISA has mandated federal agencies to remediate the vulnerability by June 4, 2026, under Binding Operational Directive 22-01. Organizations are advised to apply Oracle’s official patches immediately or implement mitigation measures, such as isolating affected systems, restricting access to T3/IIOP protocols, and enforcing network segmentation. Continuous monitoring for unusual traffic patterns or unauthorized access attempts is also recommended to detect early signs of compromise. The incident highlights the ongoing risks posed by unpatched enterprise middleware and the need for proactive vulnerability management to defend critical infrastructure.
INCIDENT DETAILS -
TYPE
Remote Code Execution (RCE)
MOTIVATION
Financial gain (potential)
IMPACT
Data Compromised: Sensitive data accessSystems Affected: Oracle WebLogic Server (cloud and on-premise)Operational Impact: Potential full system compromise, lateral movement, data exfiltration
DATA BREACH
Type Of Data Compromised: Sensitive dataSensitivity Of Data: HighData Exfiltration: Potential
MAY 2026
772Before Incident
APRIL 2026
771Before Incident
MARCH 2026
771Before Incident
FEBRUARY 2026
770Before Incident
JANUARY 2026
808Before Incident
DECEMBER 2025
767Before Incident
NOVEMBER 2025
766Before Incident
OCTOBER 2025
764Before Incident
SEPTEMBER 2025
763Before Incident
AUGUST 2025
762Before Incident
MARCH 2025
783Before Incident
Breach
01 Mar 2025Novo Nordisk
Novo Nordisk: Pharmalittle: We’re reading about a discontinued cancer drug, a Novo security breach, and more

Novo Nordisk Unauthorized Data Access in Cybersecurity Incident

753After Incident
CRITICAL-30
NOV1781273379
Nonprofit Acquires Discontinued Cancer Drug to Ensure Patient Access In an unusual move, the nonprofit Blood Cancer United (formerly the Leukemia & Lymphoma Society) has purchased the remaining supplies of Luvelta, an investigational cancer drug discontinued by Sutro Biopharma in March 2025. As part of the deal, the organization also acquired the drug’s investigational new drug (IND) designation and will manage a compassionate-use program for children with a rare form of blood cancer. The medication will be distributed free of charge to eligible patients while supplies last. Sutro Biopharma had previously terminated both development and its compassionate-use program for Luvelta, leaving patients without access. Blood Cancer United’s intervention aims to bridge this gap, though availability remains limited by existing stock. --- Novo Nordisk Reports Unauthorized Data Access in Cybersecurity Incident Novo Nordisk, the Danish pharmaceutical company, has disclosed a security breach in which unauthorized parties copied patient data from its internal IT systems. The incident, detected by the company, involved information from clinical trials, including patient IDs, birth years, sex, and health or immunogenicity data. While Novo Nordisk does not believe the breach allows for the identification of individual trial participants, it has launched an investigation with external cybersecurity experts and notified relevant authorities. No further details on the scope or perpetrators of the breach have been released. The company has not indicated whether the incident will impact ongoing clinical trials or operations.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Patient data from clinical trials, including patient IDs, birth years, sex, and health or immunogenicity dataSystems Affected: Internal IT systems
DATA BREACH
Patient IDsBirth yearsSexHealth dataImmunogenicity dataSensitivity Of Data: HighData Exfiltration: YesPersonally Identifiable Information: Patient IDs, birth years, sex
JANUARY 2025
833Before Incident
Ransomware
01 Jan 2025Novo Nordisk
Novo Nordisk: Healthcare Must Protect Innovation, Not Just Patient Data

Novo Nordisk Cyberattack

781After Incident
CRITICAL-52
NOV1783968592
Novo Nordisk Cyberattack Highlights Shift in Healthcare Cybersecurity Threats A recent cyberattack on Novo Nordisk has exposed a troubling evolution in healthcare cyber threats, with attackers targeting far more than patient records. The breach, which allegedly involved the theft of clinical trial data, proprietary drug research, AI models, and intellectual property, underscores a growing trend: cybercriminals are increasingly focusing on high-value scientific assets rather than traditional data. The attackers reportedly demanded a $25 million ransom before leaking portions of the stolen information after the demand was refused. While details remain unverified, the incident reflects a broader shift in healthcare cybersecurity one where research, algorithms, and drug development pipelines are now prime targets. ### Healthcare’s Most Valuable Assets Under Threat For years, healthcare cybersecurity prioritized protecting electronic health records (EHRs) and maintaining operational continuity. However, today’s attackers are drawn to assets that cannot be easily replaced: clinical trial data, proprietary molecule libraries, AI training datasets, and drug discovery pipelines. These assets represent years of investment and billions in R&D, making them lucrative targets for sophisticated threat actors. The Novo Nordisk breach suggests that attackers are no longer just seeking personal data they’re after the intellectual property that drives medical innovation. This shift demands a reevaluation of security strategies, as traditional defenses may not be enough to protect these high-stakes assets. ### Identity as the New Attack Surface A recurring pattern in recent healthcare breaches is the exploitation of legitimate credentials rather than technical vulnerabilities. Attackers increasingly bypass defenses by compromising identities, as stolen logins allow for quieter, more persistent access. In the Novo Nordisk case, threat actors allegedly maintained access for over two months using compromised credentials, even after partial detection. This mirrors a broader trend seen in other incidents, such as the Xsolis breach, where phishing led to the compromise of an employee account, affecting nearly 1.4 million individuals. Healthcare’s growing reliance on third-party vendors, AI applications, and cloud services further complicates identity management. Each new credential whether for researchers, contractors, or connected devices expands the attack surface, making robust access controls and continuous monitoring essential. ### AI Expands the Attack Surface The rapid adoption of AI in healthcare introduces new cybersecurity challenges. While AI enhances clinical efficiency and research, it also creates additional risks. Employees using public generative AI tools for document analysis or report drafting may inadvertently expose sensitive data, while AI platforms themselves introduce new identities, APIs, and data repositories that must be secured. The collaborative nature of modern healthcare where research data flows between pharmaceutical companies, contract research organizations (CROs), and technology partners further increases exposure. Without strict governance, proprietary research can leak into unmanaged systems, making AI a double-edged sword for innovation and security. ### Governance Over Technology The Novo Nordisk incident reinforces that cybersecurity in healthcare is no longer just a technical issue it’s a governance challenge. Organizations must now treat intellectual property with the same urgency as patient data, implementing measures such as: - Strengthened identity security (MFA, privileged access management, credential rotation) - AI governance frameworks (approved platforms, data classification, usage policies) - Third-party risk management (vendor security assessments, contractual safeguards) - Research asset protection (prioritizing labs, clinical trials, and IP in security programs) As healthcare continues to digitize, the focus must shift from merely preventing breaches to safeguarding the scientific breakthroughs that define the future of medicine. The Novo Nordisk attack serves as a stark reminder that in today’s threat landscape, innovation itself is now a target.
INCIDENT DETAILS -
TYPE
Data Breach, Ransomware
MOTIVATION
Financial gain, Intellectual property theft
IMPACT
Data Compromised: Clinical trial data, proprietary drug research, AI models, intellectual propertyBrand Reputation Impact: High
DATA BREACH
Clinical trial dataProprietary drug researchAI modelsIntellectual propertySensitivity Of Data: HighData Exfiltration: Yes

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Novo Nordisk ?
?
What was Novo Nordisk's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Novo Nordisk's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Novo Nordisk's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Novo Nordisk's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Novo Nordisk's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Novo Nordisk's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Novo Nordisk's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Novo Nordisk's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Novo Nordisk's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Novo Nordisk's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Novo Nordisk's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Novo Nordisk's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Novo Nordisk ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Novo Nordisk's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?