Cyberattack on EU medicines agency 'accessed data on COVID-19 vaccine'

Access to the comments Comments
By Michael Daventry  & Euronews
The Pfizer/BioNTeach vaccine is among one currently being considered for approval by the European Medicine Agency
The Pfizer/BioNTeach vaccine is among one currently being considered for approval by the European Medicine Agency   -  Copyright  Frank Augstein/AP

The European Union's medicine supervision agency says documents relating to a COVID-19 vaccine were accessed when its systems were targeted in a cyberattack on Wednesday.

The European Medicines Agency (EMA), which is based in Amsterdam, said that it had "quickly opened a full investigation, in close cooperation with the police".

The agency is deliberating on whether to grant regulatory approval to two COVID-19 vaccines: one developed by Pfizer and BioNTech, the other by the US-based firm Moderna.

The unknown attackers accessed documents relating to the Pfizer/BioNTeach candidate, the vaccine that was approved in the United Kingdom last week.

BioNTech said that it had been informed by the EMA that "some documents relating to the regulatory submission for Pfizer and BioNTech’s COVID-19 vaccine candidate, BNT162b2, which has been stored on an EMA server, had been unlawfully accessed."

It added: "no BioNTech or Pfizer systems have been breached in connection with this incident and we are unaware that any study participants have been identified through the data being accessed.

"EMA has assured us that the cyber attack will have no impact on the timeline for its review."

The agency is expected to decide on whether to approve the vaccine for public use by the end of this month.

A decision on the Moderna vaccine is expected to follow early in January.

In a short statement of its own, the EMA said: "The Agency has swiftly launched a full investigation, in close cooperation with law enforcement and other relevant entities.

"EMA cannot provide additional details whilst the investigation is ongoing. "

It was not immediately clear how much the agency had been affected by the cyberattack or whether any other data had been compromised.

Under European Union rules, the EMA must approve any new vaccines for use in the bloc — although emergency procedures can be used by member states to introduce vaccines on a temporary basis.

These were the procedures used by the UK — which is no longer a member state but continues to follow EU rules until the end of 2020 — to deploy the Pfizer/BioNTech vaccine this week.

The makers of other vaccines, including those developed in Russia and China, have so far not contacted the EMA to deploy their medicines in Europe.