Employees “discovered that they were locked out of their data by ransomware…” eResearchTechnology (ERT) said clinical trial patients were never at risk, but customers said the attack forced trial researchers to track their patients with pen and paper. Among those hit were IQVIA, the contract research organization helping manage AstraZeneca’s Covid vaccine trial, and Bristol Myers Squibb, the drugmaker leading a consortium of companies to develop a quick test for the virus. ERT has not said how many clinical trials were affected, but its software is used in drug trials across Europe, Asia and North America. It was used in three-quarters of trials that led to drug approvals by the Food and Drug Administration last year, according to its website.
On Friday, Drew Bustos, ERT’s vice president of marketing, confirmed that ransomware had seized its systems on September 20. As a precaution, Mr. Bustos said, the company took its systems offline that day, called in outside cybersecurity experts and notified the Federal Bureau of Investigation. “Nobody feels great about these experiences, but this has been contained,” Mr. Bustos said. He added that ERT was starting to bring its systems back online on Friday and planned to bring remaining systems online over the coming days…
One of ERT’s clients, IQVIA, said it had been able to limit problems because it had backed up its data. Bristol Myers Squibb also said the impact of the attack had been limited, but other ERT customers had to move their clinical trials to move to pen and paper.
The Times notes it’s just one of “more than a thousand ransomware attacks on American cities, counties and hospitals over the past 18 months.” Other interesting details from the article:
- Two companies working on a coronavirus vaccine — Pfizer and Johnson & Johnson — emphasized to the Times that they weren’t affected by ERT’s issues, with a Pfizer spokesperson stressing they’re not even using ERT’s software.