HomeIntelligenceBrief
BREACH BRIEF🟠 High Breach

FulcrumSec Leaks 1.3 TB of Clinical Trial and AI Research Data from Novo Nordisk

FulcrumSec published 1.3 TB of stolen data from Novo Nordisk, confirming exposure of pseudonymized clinical‑trial records and revealing that provider contact details may also be compromised. The incident underscores the need for robust privacy controls and audit‑ready evidence under SOC 2 and data‑protection regulations.

LiveThreat™ Intelligence · 📅 June 17, 2026· 📰 securityaffairs.com
🟠
Severity
High
BR
Type
Breach
🎯
Confidence
High
🏢
Affected
3 sector(s)
Actions
3 recommended
📰
Source
securityaffairs.com

FulcrumSec Leaks 1.3 TB of Clinical Trial and AI Research Data from Novo Nordisk

What Happened — On June 15 2026 the extortion group FulcrumSec began publishing files it claims to have stolen from Novo Nordisk, including 1.3 TB of clinical‑trial records and proprietary AI‑research assets. The company confirmed unauthorized access to a limited set of internal systems and exposure of pseudonymized patient data, while also acknowledging that provider‑level contact information may have been taken.

Why It Matters for Compliance & Audit Readiness

  • The breach illustrates a classic privacy‑impact scenario that SOC 2 CC‑5 (Confidentiality) and GDPR/CCPA obligations are designed to mitigate and document.
  • Continuous evidence of data‑handling controls, consent management, and DSAR readiness becomes critical to demonstrate due diligence during an audit.
  • Verisq’s CookiePLUS privacy suite provides the automated consent capture and data‑subject request workflow needed to turn this incident into a defensible audit artifact.

Who Is Affected – Pharmaceutical manufacturers, clinical‑trial sponsors, and the healthcare providers that support them.

Recommended Actions

  • Map the exposed data elements to SOC 2 CC‑5 and GDPR/CCPA controls; verify that pseudonymization and access‑restriction policies are enforced.
  • Collect and preserve logs, access records, and data‑flow diagrams as audit evidence of the breach response.
  • Deploy a privacy‑management solution (e.g., CookiePLUS) to automate consent records and DSAR handling for any future data‑subject inquiries.

Technical Notes – The attackers claim foothold since March 2026, likely via stolen credentials; leaked assets include patient IDs, biomarkers, lifestyle factors, and a 16.7 GB multimodal AI model, training datasets, source code, HPC configuration files, and developer identities. Source: SecurityAffairs

📰 Original Source
https://securityaffairs.com/193763/security/fulcrumsec-targets-novo-nordisk-leaks-clinical-and-research-data.html

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · PrivacyOps · CookiePLUS

A privacy incident is a question about your consent record.

CookiePLUS and Verisq AI Trust Operations keep consent, DSAR, and data-handling evidence continuously ready — so a data-exposure event finds you prepared, not scrambling.

See how Verisq AI Trust Operations handles privacy →