Japanese pharmaceutical company Eisai recently disclosed a ransomware incident that significantly impacted its operations. Attackers successfully encrypted some of the company’s servers, causing disruptions and potential risks to sensitive data. Based in Tokyo, Eisai is a major player in the pharmaceutical industry. It boast an annual revenue of $5.3 billion and a workforce of over 10,000 employees. With manufacturing and medical research units spread across Japan, the United Kingdom, North Carolina, and Massachusetts, the company focuses on developing medications for cancer treatment, chemotherapy side effects, anti-seizure drugs, neuropathy, and dementia drugs.
Weekend Attack Leads to Ransomware Encryption
The ransomware attack occurred over the weekend. It was a strategic choice by the perpetrators as it is typically when IT teams are understaffed. This make it more challenging to respond promptly to such incidents. Eisai promptly reported the attack on its website. They acknowledge the encryption of its servers and taking immediate action to address the situation. A company-wide task force was assembled to develop response procedures and launch an investigation with the assistance of cybersecurity partners. Eisai took numerous IT systems offline to prevent further damage and limit ransomware spread throughout the corporate network. As a result, logistics systems, both internal and external to Japan, had to be temporarily shut down until the investigation concluded. However, the company’s corporate websites and email communications remained operational.
Collaborative Efforts for Recovery and Investigation after Ransomware Attack
Eisai acted swiftly by reporting the incident to relevant law enforcement authorities and enlisting the help of external cybersecurity professionals. It was to expedite the recovery process. The primary concern remains the possibility of data leakage, which is currently under investigation. By involving external experts, the company aims to ensure a thorough examination of the breach and minimize any potential risks associated with the compromised data.
Uncertainty Surrounding Financial Impact and Attribution
At present, the impact of this cyberattack on Eisai’s consolidated earnings forecast for the current fiscal year remains uncertain. None of the major ransomware groups have claimed responsibility for the attack on their extortion sites, leaving the perpetrators unidentified. It is worth noting that Eisai had previously fallen victim to a cyberattack in December 2021, orchestrated by a now-defunct ransomware group known as ‘AtomSilo.’ Although the group’s extortion portal is no longer active, data leaked by AtomSilo included multiple MDF and LDF database dumps allegedly stolen from Eisai’s network.
Recap of Eisai Ransomware
Eisai, a prominent Japanese pharmaceutical company, has encountered a ransomware attack that affected its servers and disrupted operations. The incident prompted the company to act immediately, shutting down various IT systems to contain the damage. Eisai has enlisted the support of external cybersecurity professionals to investigate the breach and mitigate potential risks. The impact on the company’s financial forecast is uncertain, and the responsible party behind the attack remains unknown. This incident serves as a strong reminder of the ongoing threats faced by organizations in the pharmaceutical industry and the critical need for robust cybersecurity measures.
