HackerFeeds
All ransomware incidents
novonordisk.com

Ransomware group fulcrumsec hits Novo Nordisk

MEDIUM
·Healthcare·DK·2026-06-16

Novo Nordisk — a healthcare target operating in DK has been listed by the fulcrumsec ransomware group on 2026-06-16. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.

Incident Report

Target OrganizationNovo Nordisk
Threat Group
fulcrumsec
Summary[AI generated] Novo Nordisk is a Danish multinational pharmaceutical company headquartered in Bagsværd, Denmark. Founded in 1923, it specializes in treatments for diabetes, obesity, hemophilia, and other chronic conditions. The company is a global leader in insulin production and develops drugs such as semaglutide. It operates in over 80 countries and is one of Europe's most valuable corporations by market capitalization.
Date of Breach2026-06-16
Discovery Date2026-06-16
RegionDK
Target Domainnovonordisk.com
Business SectorHealthcare
Severity
MEDIUM

Claim by fulcrumsec

[AI generated] Novo Nordisk is a Danish multinational pharmaceutical company headquartered in Bagsværd, Denmark. Founded in 1923, it specializes in treatments for diabetes, obesity, hemophilia, and other chronic conditions. The company is a global leader in insulin production and develops drugs such as semaglutide. It operates in over 80 countries and is one of Europe's most valuable corporations by market capitalization.

Posted by the fulcrumsec threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.

Sources

Victim website

novonordisk.com

Leak post (onion / Tor)

tor

http://4e3p3in2bl67hxchuwza7qvnpe7pyeloyztr5fnh257fxkovfhappjyd.onion/novo/

Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.

Disclaimer

HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.