Japanese pharmaceutical company EISAI, known for its cancer and dementia drugs, has reported a cyber attack that affected its operations. The company disclosed that an attack by the Mount Program took place over the weekend. Some of the company’s servers were encrypted, resulting in temporary disconnection of several IT systems, including logistics. Despite the incident, corporate websites and e-mails are working as usual.
EISAI’s annual income is $5.3 billion, and it has more than 10,000 employees. The company operates 9 production and 15 medical research units in Japan, Great Britain, and the USA. The attack was discovered on the night of June 3, Japanese time. The company immediately engaged external cybersecurity partners to help investigate the incident and formed a special working group to restore its systems’ performance.
EISAI also reported the incident to relevant law enforcement agencies and stated that it is yet to confirm the possibility of data leakage. However, the company could not rule out the potential for data exposure. It’s also not clear how this incident will affect its financial performance in the current financial year.
No major extortion group has claimed responsibility for this attack, but the hackers might soon emerge. The attack on EISAI is not the first of its kind – the company experienced an extortion attack in December 2021, with the Atomsilo group responsible for stealing and publishing several company databases on the network. However, this group of extortionists has already stopped its activities.
It is unclear whether the company will pay the extortionists this time. However, given the traumatic experience from the last attack, management may not want to go through the legal processes that follow hacking and data leakage.