The pharmaceutical company Charles River Laboratories has informed its customers about a hacker attack , which the company became aware of in mid-March. Thus, previously unknown attackers have invaded internal networks and have copied confidential customer data. The US-American company has informed the federal authorities there and since then works according to its own statement at a processing of the incident.
It is assumed that the attackers did not manipulate or delete data on the company’s networks – only data had been copied. Who the attackers were, is probably currently in the dark, but it should have been “well-informed and well-equipped” hackers, the pharmaceutical company.
Read More Stories: the developer conference WWDC 2019 in June
Charles River is a global biotech company and clinical laboratory services provider; It also manufactures devices for pharmaceutical and bio-laboratories as well as hospitals.
According to the company, its customers include all major pharmaceutical and biotech companies, as well as every major academic and regulatory research institution in the Western world.
How many customers are affected is unclear
In addition to the US federal authorities, independent IT security experts are also responsible for clearing up the hacker attack. The attack on their own networks was discovered with the help of a “leading cybersecurity firm,” according to Charles River in a FAQ document on the attack.
Read More Stories: OpenBSD 6.5 with new stack protector
It had taken some time to expose the attack, as the attackers were extremely skillful and have hidden their tracks. When the investigation had revealed enough information, they immediately started to inform relevant bodies and eventually the public, the company writes. Due to the stringent data protection regulations in the medical sector, government agencies in both the US and Germany must be informed promptly about data leaks.
Read More Stories: Social Network Analysis: In 50 years more dead than lively users on Facebook
According to Charles River, the data is affected by just under one percent of their customers. Given the considerable customer base of the company, this could well be a significant number of customers. An exact number, however, can not be named without the help of the company. After all, the company stated on record that it was not assumed that customers or external cooperation partners had been attacked by shared software and cooperation tools.