Moderna COVID-19 Vaccine Data Targeted by Nation-State Hackers

Hackers tied to China targeted the COVID-19 vaccine research developer Moderna in an effort to steal data; ransomware, records theft, and an employee email hack completes this week’s breach roundup.

August 03, 2020 - Massachusetts-based Moderna, a research firm currently tasked with the development of a COVID-19 vaccine, was targeted by hackers with ties to the government of China, in an effort designed to steal valuable data, according to Reuters.

Moderna recently announced it entered the final phase of its investigational vaccine trials.

The report comes just two weeks after the Department of Justice indicted two hackers for allegedly working with China to steal valuable data, including coronavirus research, from a wide range of US organizations, companies, and governments.

According to Reuters, Moderna officials confirmed they’ve discussed the reconnaissance activities outlined in the DOJ indictment with the FBI.

“Moderna remains highly vigilant to potential cybersecurity threats, maintaining an internal team, external support services and good working relationships with outside authorities to continuously assess threats and protect our valuable information,” Moderna company spokesman Ray Jordan, said in a statement. 

Moderna is just the latest US research firm to be targeted by hackers amid the COVID-19 pandemic. The World Health OrganizationHammersmith Medicines Research, and 10x Genomics. Reports have shown Russian hackers are targeting US COVID-19 vaccine developers, as well.

The reports are concerning given research shows 17 major biomedical companies working on the development of a COVID-19 vaccine are operating with severe security vulnerabilities in their computer systems.


A ransomware attack on Highpoint Foot and Ankle Center in Pennsylvania potentially breached the data of 25,554 patients.

On May 20, Highpoint officials detected a data security incident involving electronic patient records. An investigation determined a hacker remotely gained access to the servers, potentially giving access to patient records. Access to the server was restricted, but the attack likely bypassed those protections.

The compromised data could include patient names, contact information, dates of birth, Social Security numbers, and protected health information, such as diagnoses and treatments. Upon discovery, Highpoint changed the access credentials and implemented additional safeguard for patient records.


CVS and Walgreens recently reported several of their pharmacies were broken into between May and June, which led to the theft of some protected health information.

Protests held between May 27 and June 8, resulted in multiple looting and vandalism incidents at several CVS pharmacies. Individuals gained access to CVS stores and stole prescriptions left in the pharmacy waiting bins. Those individuals also stole paper prescriptions and vaccine consent forms.