Novo Nordisk has disclosed an IT security incident involving unauthorized access to a limited number of its internal systems, prompting a broad technical and regulatory response by the Danish drugmaker.
The company said it identified the breach on 11 June 2026 and immediately launched an investigation supported by external cybersecurity specialists. As part of its containment efforts, Novo Nordisk temporarily took some internal IT systems offline to protect its broader environment and is now working to restore those systems “in a controlled and safe manner,” acknowledging that the process will take time.
Despite the disruption, Novo Nordisk emphasized that its core business operations remain unaffected and “up and running,” an important assurance for patients, healthcare providers, and investors who rely on uninterrupted supply of the company’s diabetes, obesity, and other therapies.
The investigation has so far determined that certain non‑public data, including some personal data, were copied externally without authorization. Novo Nordisk is notifying affected parties “as appropriate,” in line with data‑protection and breach‑notification requirements.
Subscribe to our e-Newsletters
Stay up to date with the latest news, articles, and events. Plus, get special offers
from American Pharmaceutical Review – all delivered right to your inbox!
Sign up now!