Novo Nordisk Breach Exposes AI Risks
Novo Nordisk confirmed a cyberattack this week. The company behind Ozempic and Wegovy lost internal IT data. Attackers took pseudonymized patient data from clinical trials.
The stolen patient info includes:
- Patient IDs and sex
- Year of birth
- Biomarkers and health data
- Lifestyle factors like BMI and smoking status
They also took healthcare professional data like names, emails, and phone numbers.
A group called Dragonfly claims they stole more than just patient records. They claim to have taken:
- A 16.7 GB trained AI model named NovoPert
- A 407 MB proprietary biological training dataset
- Full source code for the training pipeline
- Internal maps of infrastructure and HPC clusters
- Over 53 GB of container images
- Developer identities and private GitHub URLs
Novo Nordisk has not confirmed these AI claims. No ransomware was found.
If these claims are true, the AI assets are more valuable than the patient data. These models represent years of research. Competitors or hackers could use this data for huge gains.
This breach shows two major problems for companies building AI:
AI infrastructure is a massive attack surface. Leaked container images often contain credentials and network maps. This gives attackers a blueprint of your entire system.
Developer identities lead to supply chain attacks. When attackers know which developers work on which repos, they can target them with precision. Phishing becomes much easier when the target is known.
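An added example, not part of the original post and not any vendor's code: the Python below audits your own exported image for the credential leak described above, scanning every layer rather than only the final filesystem, because a file "deleted" in a later layer still ships in the earlier one. It assumes a `docker save` archive whose `manifest.json` lists uncompressed layer tars; the rule set, function names and sample image are constructed for illustration.

```python
import io, json, re, tarfile

# Illustrative patterns only; a real scanner needs a much larger rule set.
RULES = {
    "private_key": re.compile(rb"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "secret_assignment": re.compile(rb"(?i)(password|secret|token)\w*\s*[=:]\s*\S+"),
}

def scan_image(archive_bytes):
    """Scan every layer of a `docker save` archive, not just the final filesystem."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes)) as image:
        manifest = json.load(image.extractfile("manifest.json"))
        for index, layer_name in enumerate(manifest[0]["Layers"]):
            layer_bytes = image.extractfile(layer_name).read()
            with tarfile.open(fileobj=io.BytesIO(layer_bytes)) as layer:
                for member in layer.getmembers():
                    folder, _, base = member.name.rpartition("/")
                    if base.startswith(".wh."):
                        # Whiteout entry: a later layer hides the file, but the
                        # earlier layer still ships its bytes.
                        hidden = (folder + "/" if folder else "") + base[4:]
                        for f in findings:
                            if f["path"] == hidden:
                                f["deleted_later"] = True
                    elif member.isfile():
                        data = layer.extractfile(member).read()
                        for rule, pattern in RULES.items():
                            if pattern.search(data):
                                findings.append({"layer": index, "path": member.name,
                                                 "rule": rule, "deleted_later": False})
    return findings

def _tar(files):
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as t:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            t.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def build_sample_image():
    """Constructed sample: layer 0 adds app/.env, layer 1 'deletes' it."""
    layer0 = _tar({"app/.env": b"DB_PASSWORD=constructed-example-value\n",
                   "app/main.py": b"print('ok')\n"})
    layer1 = _tar({"app/.wh..env": b""})
    manifest = json.dumps([{"Layers": ["l0/layer.tar", "l1/layer.tar"]}]).encode()
    return _tar({"manifest.json": manifest, "l0/layer.tar": layer0, "l1/layer.tar": layer1})
```

Calling `scan_image(build_sample_image())` returns one finding for `app/.env` in layer 0 with `deleted_later` set, which is the case a check of the running container alone would miss.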
Patient data breaches are serious. But if the AI theft claims are real, this is a shift in how hackers operate. They are now targeting intellectual property in AI models directly.
How does your team secure AI training infrastructure? Do you treat it as a research zone or a high-security asset?