Leaked #COVID19 Vaccine Data “Manipulated” to Mislead Public

Official COVID-19 vaccine data stolen and leaked online by threat actors had been changed prior to publication in what could be a deliberate attempt to sow disinformation, a medical regulator has claimed.

The European Medicines Agency (EMA) first revealed the data breach back in December. Although at the time it refused to clarify what was stolen, German biotechnology company BioNTech revealed that it was one of the firms affected.

“Some documents relating to the regulatory submission for Pfizer and BioNTech’s COVID-19 vaccine candidate, BNT162b2, which has been stored on an EMA server, had been unlawfully accessed,” it said at the time.

Last week the EMA claimed some of the stolen data was released online by the attackers, although it was unclear what their motives were.

However, in an update on Friday, the agency indicated that the end goal may have been to spread fake news.

“The ongoing investigation of the cyber-attack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines and vaccines have been leaked on the internet,” it noted.

“This included internal/confidential email correspondence dating from November, relating to evaluation processes for COVID-19 vaccines. Some of the correspondence has been manipulated by the perpetrators prior to publication in a way which could undermine trust in vaccines.”

Attempts to manipulate public perception of events could indicate the hand of state-sponsored threat actors. Both Russia and China have developed rival vaccines to the Pfizer/BioNTech effort, and are looking to build their soft power by striking deals to supply other countries in a “vaccine diplomacy” push.

Anything that casts doubt on the efficacy of the Pfizer jab could therefore work in their favor. Alternatively, it may simply be the work of hacktivists appealing to a growing anti-vaxxer movement.

For its part, the EMA sought to reassure the public in its statement on the matter.

“Amid the high infection rate in the EU, there is an urgent public health need to make vaccines available to EU citizens as soon as possible,” it said.

“Despite this urgency, there has always been consensus across the EU not to compromise the high quality standards and to base any recommendation on the strength of the scientific evidence on a vaccine’s safety, quality and efficacy, and nothing else.”

What’s Hot on Infosecurity Magazine?