Hackers Hit Japanese Pharma Giant Eisai

Hackers broke into the systems of Eisai Group to deploy ransomware, forcing it to take systems offline, the Japanese pharmaceuticals giant said in a breach notification.

Headquartered in Tokyo, Eisai has around 10,000 employees, many of which are in research.

The company announced this week that it suffered a ransomware infection that encrypted “some” of its servers.

“In response to this case, Eisai Group immediately established a company-wide task force, and is working on recovery efforts with the advice of external experts and undertaking measures to understand the scope of the incident,” reads the notice. “Additionally, Eisai Group has consulted with law enforcement.”

The breach was detected late at night, Japan time, on Saturday June 3. Soon after, the company engaged its incident response plan and enlisted the help of “cybersecurity partners.” An investigation was started to determine how the hackers broke in and if they managed to also steal important data before encrypting it.

“The possibility of data leakage is currently under investigation,” according to the notice.

The attack forced Eisai to take systems offline, both in and outside of Japan. Corporate websites and email systems are operational.

“Currently, Eisai Group is working closely with external experts and law enforcement in an effort to protect its systems and to make a successful recovery,” the company adds. “We will continue to work to minimize any inconvenience to our partners and stakeholders.”

It is still unknown which hacking group carried out the attack. None of the big names in ransomware-as-a-service have claimed Eisai as a victim yet, but most likely they will at some point in the future.

Pharmaceutical intellectual property is a precious commodity. Advancements in this field can give players in the industry a huge advantage, so having data leaked to a competitor would heavily impact Eisai’s bottom line.  However, as Eisai itself pointed out, it’s still unclear if the hackers actually managed to get any important data during the attack.

According to Wikipedia, 40% of Eisai's revenue comes from a product called Aricept (donepezil) used to treat mild-to-moderate dementia for Alzheimer's Disease patients. Ranbaxy Labs, now owned by Sun Pharma, sells a similar but generic formulation of the drug and is considered the main competitor of Aricept. Eisai is said to have pursued development of alternative formulations in order to extend the marketable lifetime of its product.