Image: National Cancer Institute via Unsplash

German drug development company says cyberattack causing production delays

German drug development giant Evotec is still recovering from a cyberattack that forced it to take all of its IT systems offline.

The cyberattack last Thursday prompted them “to secure [their systems] from data corruption or breaches” by disconnecting them from the internet.

“The IT systems are currently being examined and the scope of the impact is being reviewed. Highest diligence will be applied to data integrity,” the company said on Friday.

In an update on Monday, the company said a forensic examination of its systems is being conducted by cybersecurity experts and others. Evotec has also contacted law enforcement agencies in Germany about the attack.

Evotec has more than 4,200 employees and had revenue of nearly $700 million in 2021 through its development of drugs to treat Alzheimer's, Huntington's disease and more. The company has long-term drug discovery partnerships with Bristol Myers Squibb, Bayer, Sanofi and several other pharmaceutical giants.

Evotec still has not reconnected its network but said business continuity has been “upheld at all of its global sites.”

“Highest diligence is applied to data integrity, and selected systems will stay offline until the forensic examination has been completed and security plans are in place,” the company explained.

“Solutions will be implemented to keep all services available to its partners, but certain delays or slower responses might occur.”

They urged partner organizations and suppliers to contact a centralized email address while the company works to reestablish its email system.

No hacking group has come forward to take credit for the attack, which is one of numerous incidents involving pharmaceutical companies in recent months.

Sun Pharmaceuticals – the fourth-largest specialty generic pharmaceutical company in the world – said in filings with the Bombay Stock Exchange two weeks ago that efforts to contain and eradicate a ransomware attack are ongoing and a cybersecurity firm has been hired to help respond to the incident.

The attack was claimed by the Black Cat/AlphV ransomware group, which previously targeted hospital technology giant NextGen Healthcare in January and several other hospitals across the U.S.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles

Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.