**West Pharmaceutical Services** has confirmed they were the target of a cyberattack that led to both data theft and the encryption of critical systems. ### Incident Timeline The company detected the initial compromise on May 4th, 2026. Subsequent investigation revealed that attackers successfully exfiltrated data from the network. "On May 7, 2026, **West Pharmaceutical Services, Inc.** determined that [...it] has experienced a material cybersecurity attack, in which certain data was exfiltrated by an unauthorized party and certain systems were encrypted,” the company stated in a filing with the **U.S. Securities and Exchange Commission (SEC)**. Immediately upon detecting the intrusion, **West Pharmaceutical Services** activated its incident response protocols, which included proactively taking systems offline globally for containment, notifying law enforcement, and engaging external cybersecurity experts. ### Investigation and Recovery An investigation is currently underway to determine the full scope of the incident, including the specific types of data compromised. **West Pharmaceutical Services** is working to restore all affected systems, but a timeline for complete recovery has not been provided. The company, a publicly traded **S&P 500** entity with annual revenues exceeding $3 billion and over 10,800 employees globally, specializes in injectable drug packaging, syringe and vial components, containment systems, and drug delivery devices. The attack has inevitably disrupted the company’s global business operations. ### Operational Impact and Mitigation While core enterprise systems supporting shipping and manufacturing operations have been restored, and manufacturing has partially restarted, complete system restoration remains ongoing. The company has not yet provided estimates regarding the financial impact of the attack. **West Pharmaceutical Services** has stated that it has taken steps to mitigate the risk of further dissemination of the exfiltrated data, but specific details about these measures have not been disclosed. BleepingComputer reached out to **West Pharmaceutical Services** for comment. A company spokesperson stated that incident response and crisis management protocols were activated immediately after detecting the intrusion. These measures included the proactive shutdown and isolation of affected on-premise infrastructure, restriction of access to enterprise systems, and notification of law enforcement. **West Pharmaceutical Services** has engaged **Palo Alto Networks’ Unit 42** for incident response, containment, and recovery efforts, coordinating with other external experts and legal counsel. As of this writing, no ransomware groups have claimed responsibility for the attack.  ## 99% of What Mythos Found Is Still Unpatched. AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming. At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what's exploitable, proves controls hold, and closes the remediation loop. [Claim Your Spot](https://hubs.li/Q04crVgD0)