Roche, like Bayer, was hit in Winnti cyberattack 

Roche has acknowledged it, like Bayer, was target of a cyberattack known as Winnti, which experts say appeared to be launched by Chinese hackers. (Pixabay)

It turns out that Bayer was not the only pharma company targeted by the Winnti cyberattack believed to have been instituted by hackers tied to the Chinese government. Roche also was a victim. 

Roche today confirmed it was hit after being named in an ARD public radio report in Germany discussing the Winnti cyberattack, according to Reuters. The Swiss drugmaker said it had detected and deflected the attack but also acknowledged there have been others.

“Roche has been targeted by various attackers in the past, including the group known as Winnti. These attacks were detected and remediated,” a company spokesperson said today in an email. “Roche hasn't lost any sensitive personal data of our employees, patients, customers or business partners.” 

Watch the Free Webinar

Chemistry Through Biology: Translating Molecular Biology Technologies into Practical Processes for API Production

Learn about the key advances and critical hurdles in transforming emerging molecular biology technologies into practical applications with commercially viable processes.

RELATED: Bayer, after cyberattack, finds 'no evidence' hackers obtained data

The company said it works with authorities in the U.S., Europe and Switzerland on cybersecurity threats and shares information with other companies in and out of pharma about “ongoing threats.” 

Other companies named in the report included Marriott and Lion Air as well as chemical companies BASF and Shin-Etsu.

Bayer earlier this year also acknowledged it had been hit in the attack that was detected early last year. It said it found no evidence that sensitive data had been tapped. Experts believe the Winnti attack was launched by the Chinese. 

RELATED: Merck has hardened its defenses against cyberattacks like the one last year that cost it nearly $1B 

While both companies indicated they weren’t seriously compromised by cyberattacks, at least one drugmaker has been. It was in 2017 that Merck & Co. had its API production and some R&D and other systems seriously interrupted by the NotPetya attack. The intrusion, which evidence suggested was launched by Russia, infiltrated Microsoft systems that had not installed a needed security patch.

That attack also interrupted production of Merck's Gardasil, one of its best-selling products, forcing the company to borrow doses from the Centers for Disease Control and Prevention's stockpile to meet demand. In all, the attack cost Merck about $1 billion in lost sales, time and expenses to fix the problem.

Suggested Articles

Which rollouts might suffer most? Those that treat chronic diseases, require doctors to administer them or face current competition, analysts say.

Novartis and Incyte will put their blockbuster JAK inhibitor into phase 3 clinical trials as a possible treatment for COVID-19, the drugmakers said.

The Cannes Lions canceled its advertising creativity conference for 2020 after media reports that many large ad agencies planned to opt out.