Real cases of cyberattacks in the Biotech sector

By Eduard Bardají on Jun 17, 2025 12:52:49 PM

real-cases-of-cyberattacks-in-the-biotech-sector

The biotech sector is one of the most innovative and fastest-growing industries in recent years. By working with genetic data, developing drugs, and researching new therapies, they are a prime target for cybercriminals.

Below are some real cases of cyberattacks that companies in the sector have suffered in recent years, highlighting the need to invest in cybersecurity solutions to prevent data and information theft.

Cyberattack on Bayer: A case of industrial espionage

In 2018, the pharmaceutical giant Bayer detected the presence of advanced malware in its systems. This attack, attributed to a Chinese hacker group known as "Wicked Panda," was aimed at industrial espionage, attempting to steal sensitive information about ongoing research. Fortunately, Bayer was able to contain the threat before it caused significant damage, but the incident highlighted the sector’s vulnerability.

In this regard, adopting proactive cybersecurity capable of automatically detecting threats 24/7 is the most effective way to prevent cyberattacks.

Cyberattack on Miltenyi Biotec

In 2020, the German company Miltenyi Biotec, specialized in medical biotechnology, was the victim of a ransomware attack that affected its IT systems. During the health crisis, this attack jeopardized the supply chain of essential equipment for vaccine research and treatments against COVID-19. Although the company was able to restore its infrastructure, the incident underscored the devastating impact a cyberattack can have on public health.

Some cybersecurity recommendations to prevent ransomware:

  • Implement a robust cybersecurity strategy.
  • Conduct regular backups to ensure data integrity and quick recovery.
  • Staff training and awareness, as well as phishing simulations.
  • Continuous system monitoring to detect security gaps and vulnerabilities, and incident response policies.
  • Use anti-phishing solutions.

Ransomware at the University of California to steal medical research

One of the most shocking cases occurred in June 2020 when the University of California, San Francisco, suffered a ransomware attack that affected its medical research. The attackers demanded a ransom of $1.14 million, which was paid to recover access to crucial data related to biotechnology and health studies. This case highlighted the growing sophistication of cybercriminals and their interest in biomedical research.

Pfizer and BioNTech: Data leak about vaccines

In December 2020, a cyberattack compromised confidential documents about the COVID-19 vaccine developed by Pfizer and BioNTech. The European Medicines Agency (EMA) reported that attackers had stolen key information about the vaccine’s approval process. Although the clinical trial results were not altered, the attack jeopardized public trust and highlighted the importance of protecting intellectual property in the biotech sector.

Cyberattack on Moderna, developer of COVID-19 vaccines

Moderna, another key player in the development of COVID-19 vaccines, was also targeted by cyber espionage in 2020. It was reported that state-sponsored groups from China attempted to access information about their vaccine development. This incident emphasized the geopolitical relevance of cybersecurity in the biotech industry and the need to protect critical research information.

Cyberattack on Enzo Biochem

This biotech company suffered a ransomware attack in 2023, resulting in the theft of clinical trial data from 2.5 million people.

Cyberattack on 23andMe

The company, specialized in genetic analysis, was the victim of a cyberattack that compromised genetic data from millions of customers, which was subsequently sold on the Dark Web for $10.

These cases show that the biotech sector is not immune to cyberattacks and that their impact can be devastating. From industrial espionage to the disruption of the supply chain and the leak of sensitive data, the threats are diverse and constantly evolving.

To mitigate these risks, biotech companies and organizations must implement robust cybersecurity measures. In the following article, we discuss how to design a cybersecurity strategy specifically for the sector.
Previous story
← Cybersecurity in the food industry
How to protect genomic and research data in biotechnology companies
protect-genomic-data-biotechs
Cybersecurity

How to protect genomic and research data in biotechnology companies

Jun 17, 2025 10:09:17 AM 2 min read
How much does a cyberattack cost companies?
cyberattack cost companies
Cybersecurity

How much does a cyberattack cost companies?

Aug 24, 2023 1:49:23 PM 1 min read
Cybersecurity trends for Biotechs in 2025
tendencias-ciberseguridad-biotechs-2025
Cybersecurity

Cybersecurity trends for Biotechs in 2025

Feb 14, 2025 11:27:52 AM 4 min read

Subscribe to our newsletter and stay updated on the latest in technology and cybersecurity.
accio-10-negre (1)
pyme_innovadora_meic-SP_web
kit consulting cabecera