Novo Nordisk Clinical Trial Data Breached in June 2026 Cyberattack

What Patient Data Was Compromised

According to Novo Nordisk’s official incident update, the breach affected a limited amount of pseudonymized data from participants in some of its clinical trials. The exposed data categories include :

• Patient ID — a random alphanumeric string, not a name, along with information on trial participation
• Sex
• Year of birth
• Biomarkers
• Health and immunogenicity data
• Lifestyle factors such as smoking status, alcohol use, and body-mass index

The company emphasized that the compromised data is not directly linked to any patients by name or other direct identifiers. Information that would enable direct identification, such as full names, contact details, or national ID numbers, was not exposed. Based on its assessment, Novo Nordisk stated that the incident does not allow any third party to identify the affected trial participants .

Company Response

Novo Nordisk took immediate action after discovering the breach:

• External investigation: The company launched an investigation with the help of external cybersecurity experts and is coordinating with relevant authorities .
• Precautionary system shutdowns: Several internal IT systems were temporarily taken offline to contain the incident and protect the broader environment. The company is working to restore those systems in a controlled and safe manner .
• Regulatory and law enforcement contact: Novo Nordisk is in communication with the relevant regulatory and law enforcement authorities .
• Notification of affected parties: The company is reaching out to impacted individuals as appropriate .
• Patient guidance: Novo Nordisk advised patients that no specific action is required, though it recommended remaining generally vigilant .

Impact on Operations

Novo Nordisk explicitly stated that core business operations were not impacted and remain up and running . The incident was confined to a limited set of internal IT systems, and the company’s primary manufacturing, supply chain, and commercial activities continued without interruption .

Broader Business Context

The cyberattack occurred on a day of mixed news for Novo Nordisk. On the same date, June 11, 2026, UK regulators approved the company’s first daily oral GLP-1 weight-loss pill. That positive development helped offset the negative breach news, and shares of Novo Nordisk (NVO) rose as much as 3% on the day .

The attack also highlights a growing cybersecurity threat in the pharmaceutical industry. Just weeks earlier, on May 4, 2026, West Pharmaceutical Services—a key supplier to drugmakers—suffered a global ransomware attack that disrupted manufacturing and shipping operations . Meanwhile, Novo Nordisk is separately pursuing an $830 million damages claim against KBP Biosciences over the failed drug candidate Ocedurenone, adding further legal and financial complexity to the company’s landscape .

The investigation into the June 2026 breach remains ongoing, and Novo Nordisk has not released additional details about the attackers or the full scope of the incident .