A large Pennsylvania pharmaceutical company reported a ransomware attack that has significantly impacted critical systems used for shipping, receiving, and manufacturing products. **West Pharmaceutical Services** filed an 8-K form with the **Securities and Exchange Commission (SEC)** on Monday evening, warning customers about the breach that occurred on May 4th. According to the filing, hackers infiltrated the company network, stole data, and encrypted systems. ### Operational Disruptions "The incident and the Company’s proactive response have temporarily disrupted the Company’s business operations globally," the company’s general counsel stated in the SEC filing. While core enterprise systems have been restored, and critical processes for shipping, receiving, and manufacturing have restarted at some sites, a complete restoration timeline remains uncertain. A spokesperson for **West Pharmaceutical** told Recorded Future News that the company shut down and isolated affected on-premise infrastructure, restricted access to enterprise systems, and notified law enforcement. ### About West Pharmaceutical **West Pharmaceutical** is a key player in the injectable solutions market, partnering with drug developers to ensure the safe delivery of medicine to patients. Their products include stoppers and seals for injectable packaging, components for syringes and cartridges, auto-injectors, and wearable injectors. The company employs over 10,000 individuals across 50 locations worldwide and reported net sales exceeding $3 billion in 2025. ### Incident Response **Palo Alto Networks**' incident response team **Unit 42** has been engaged to lead the investigation into the ransomware attack and to contain the incident. **West Pharmaceutical** is currently investigating the extent of the data stolen and assessing the financial impact of the attack. "West is leveraging its business continuity plans and working with our customers to mitigate risk and minimize delays wherever possible," the spokesperson added. As of Tuesday, no ransomware gang has claimed responsibility for the attack. However, the company has "taken steps intended to mitigate the risk of dissemination of the exfiltrated data." ### Healthcare Sector Under Increased Attack Cybersecurity experts note that the healthcare industry has experienced a surge in attacks in 2026, perpetrated by both nation-state actors and cybercriminals. Errol Weiss, chief security officer at healthcare information sharing organization **Health ISAC**, stated that they are observing "a sustained, high level of malicious activity targeting the healthcare sector." "It’s highly likely that both the volume and impact of attacks remain elevated compared to previous years, particularly around ransomware and data-theft operations," he said. "What worries me most is that the same access and techniques could be used interchangeably for espionage, financial gain, or destructive impact — any of which could put people's lives in danger if healthcare services are interrupted."