Danish pharmaceutical powerhouse **Novo Nordisk**, renowned as the world's leading producer of insulin and maker of **Wegovy** and **Ozempic**, recently disclosed a significant data breach. The breach compromised internal IT systems, leading to unauthorized access and external copying of non-public data related to patients in clinical trials.  ### Pseudonymized Patient Data Exposed **Novo Nordisk** stated that the exposed patient data included unique patient IDs (random alphanumeric strings), details on trial participation, sex, year of birth, biomarkers, health/immunogenicity data, and lifestyle factors such as smoking, alcohol use, and BMI. Crucially, the company emphasized that this data was pseudonymized, meaning it cannot be directly linked to individual patients by name or other direct identifiers. They assert that identifying patients by name would require access to underlying information that was not exposed. ### Healthcare Professionals Also Affected Beyond patient data, the breach also impacted an undisclosed number of healthcare professionals (HCPs). Their names, registration numbers, email addresses, phone numbers, WhatsApp details, and office locations were exposed. **Novo Nordisk** has issued a warning to affected HCPs, advising heightened vigilance against unexpected messages or calls. These individuals may become targets for sophisticated phishing attacks via email, phone, or WhatsApp, or through fraudulent messages impersonating colleagues. ### Operational Response and Ongoing Investigation In response to the incident, **Novo Nordisk** has taken the compromised internal IT systems offline. The company confirmed that its core business operations remain unaffected and are fully operational. An investigation is currently underway with the assistance of external cybersecurity experts to fully assess the scope and impact of the breach. The pharmaceutical giant is working to restore affected systems in a controlled and secure manner, acknowledging that this process will take time. As of the disclosure, **Novo Nordisk** has not specified when the breach was detected or the exact number of individuals whose data was exposed.