Eisai hit with ransomware attack, launches investigation into possible data leaks

Eisai is the latest drugmaker to be hit with a ransomware attack.

The Japanese company said it “immediately” set up a company-wide task force after suffering a cyberattack Saturday night. Now, it's working to respond with external experts and law enforcement officials, Eisai said in a statement.

The possibility of data leaks is currently under investigation, the company said. Eisai expects it will take “some time to gauge the full extent of the incident."

During the response, Eisai took some of its computer systems, both inside and outside of Japan, offline. For now, its corporate websites and email systems remain operational.

As for the impact on the company’s earnings, Eisai is “carefully examining” any potential impact on its earnings forecast and will announce “as soon as possible” if revisions are necessary.

Japan has seen an increasing amount of cyberattacks recently, according to The Japan Times. An official at the National Center of Incident Readiness and Strategy told the publication that there is a chance the country is “being targeted as the host of the G7 summit,” and the agency has warned relevant organizations to stay alert.

A series of attacks that are believed to be perpetrated by the same hacker group began in March and has so far affected companies including West Japan Railway, Tokyo Electric Power Company Holdings and some local governments.

Outside of Japan, similar incidents have afflicted drugmakers large and small in recent years.

Just last month, Merck won a positive ruling in its litigation surrounding its 2017 NotPeyta cyberattack that infected more than 40,000 machines in the company’s global network. That attack was attributed by the U.S. government to Russia’s military intelligence operations.

In a more recent security event, German biotech Evotec shut down its network after noticing unusual activity on its IT systems in early April. Earlier in March, Sun Pharma disclosed an IT security breach and responded by isolating its affected systems.

Last year, Novartis also found itself a victim of a cyberattack when hacking group Industrial Spy posted data allegedly stolen from the Swiss pharma. The hackers claimed the info was stolen directly “from the laboratory environment of the manufacturing plant.” Novartis was able to confirm that no sensitive data was compromised.