Elsai, a Japanese pharmaceutical company, has disclosed a large ransomware attack that affected their business. The attackers successfully encrypted a part of the company’s servers, causing not only serious operational interruptions but also potential risks to the security of sensitive information.
A big employer with a staff of more than 10,000 people, Eisai is a pharmaceutical company with roots in Tokyo and a remarkable $5.3 billion in yearly revenue. In North Carolina, North Carolina, Massachusetts, Japan, and the United Kingdom, it runs fifteen medical research facilities and nine industrial facilities.
The company focuses its efforts mostly on the creation of various drugs. These include anti-seizure pharmaceuticals, therapies for neuropathy, drugs to treat cancer, drugs to lessen the negative effects of chemotherapy, and drugs to manage dementia. They also include medications to treat seizures.
A ransomware attack hit Eisai over the weekend
The weekend was chosen as the period for the ransomware attack on the plan by the attackers since it is often a time when IT workers are understaffed. So, it becomes more challenging to respond to these types of events as soon as they occur.
Eisai quickly posted a notice on its website realising the encryption of its servers and working quickly to tackle the problem.
A ransomware incident that encrypted some of Eisai Group’s servers was detected late at night on Saturday, June 3, Japan time. We immediately implemented our incident response plan and launched an investigation. With the aid of our cybersecurity partners a company-wide task force was convened to rapidly work on response procedures.
In order to minimise the damage and stop the malware from spreading deeper inside the compromised business network, the organisation immediately pulled a number of IT systems down. Eisai mentions that until investigations are finished, both internal and external systems, including logistics, have to be temporarily paused. Email correspondence and company websites continue working.
Eisai requested help from outside cybersecurity experts to expedite the recovery process and reported the issue to law enforcement authorities without delay.
Data leaking is the main issue, and it is being looked at. By enlisting outside expertise, the breach is thoroughly investigated and any dangers related to the leaked data are reduced.
The uncertainty of the situation is highlighted by Eisai’s statement that the possible danger of data leaking is now being investigated. Furthermore, it’s yet unknown how this incident would affect the company’s calculated total revenues for the current financial year.
None of the well-known ransomware groups have yet to take responsibility for the attack on their extortion sites, leaving the perpetrators unknown. It is important to note that Eisai had previously been the victim of a cyberattack in October 2021, which was carried out by a ransomware group known as “AtomSilo.”
The group’s extortion portal is no longer operational, and according to the data that was released from AtomSilo, it contained multiple MDF and LDF database dumps that were obtained from Eisai’s network.
One of the largest pharmaceutical corporations in the world was targeted earlier this year. Sensitive personal information related to approximately six million individuals was exposed as a result of the incident.
Phishing Tackle offers a free 14-day trial to help train your users to avoid these types of attacks and test their knowledge with simulated attacks using various attack vectors. By focusing on training your users to spot these types of attacks, rather than relying solely on technology, you can ensure that your organisation is better prepared to defend against cyber threats and minimise the impact of any successful attacks.