Pfizer/BioNTech weren't alone: Moderna COVID-19 vaccine data targeted in EMA cyberattack

Looks like Pfizer and BioNTech’s COVID-19 vaccine was not the sole target of a recent cyberattack at the European Medicines Agency.

Moderna said Monday that documents from its pre-submission discussions with EMA about its shot, mRNA-1273, were “unlawfully accessed” by hackers, citing a notification from the agency.

The attackers didn't obtain personal information about trial participants, Moderna said. The company's EMA submission didn’t include any data identifying individuals in the study.

At this point, no additional details about the cyberattack—such as the scale of the breach or the identity of any suspects—are available, and Moderna said it awaits results from EMA’s ongoing investigation.

The revelation came days after the EMA originally disclosed the cyberattack, and Pfizer and BioNTech’s COVID-19 vaccine candidate, BNT162b2, was the first identified as a target.

RELATED: Hackers breach Pfizer/BioNTech COVID-19 vaccine data in cyberattack targeting EMA

EMA decisions on both vaccines are drawing near. Drug reviewers at the EMA’s Committee for Medicinal Products for Human Use are scheduled to assess BNT162b2 on Dec. 29 and mRNA-1273 on Jan. 12.

Moderna was previously targeted by hackers seeking its COVID-19 research, in a cyberattack allegedly backed by the Chinese government.

The U.S. Department of Justice in July indicted two Chinese nationals for running a 10-year hacking campaign that most recently pivoted to targeting companies doing COVID research. Reuters later confirmed Moderna as the vaccine maker mentioned in the indictment. China has denied any role in such behaviors.

RELATED: Not just AstraZeneca: Hackers targeted 5 other COVID-19 drug developers, vaccine cold chain suppliers

Besides Moderna and Pfizer/BioNTech, rival COVID vaccine developers AstraZeneca, Johnson & Johnson and Novavax reportedly have landed in the crosshairs of North Korean hackers. In those hacking attempts, the attackers typically sent out malicious documents or links via email under the guise of job recruiters, colleagues or other acquaintances of the victim, according to people familiar with the matter cited by The Wall Street Journal.

Nation-state hackers from Iran and Russia have also been accused of trying to steal COVID-related information.