Eisai Group Battles Ransomware: Supply Chain Unaffected Amid Cyber Attack
Japanese pharmaceutical corporation Eisai Group suffered a significant ransomware attack on the night of June 3. The cyber attack has impacted logistics systems both within and beyond Japan. Despite the attempted cyber assault, Eisai assures there won’t be any imminent disruption to the supply chain due to the company’s stringent stocking policy. According to Eisai, the said policy has been designed to maintain a supply in excess of three months at all times.
While Eisai has taken certain systems offline temporarily, the pharmaceutical giant claims its manufacturing site in Hatfield, England, is still unaffected. That being said, it’s operating as usual.
In response to the attack and its consequences, the Eisai authority has said that Eisai’s human health care philosophy is pretty unconventional. The company always prioritizes patients and operates with a more than three-month stocking policy.
Even if disruptions emerge in the supply chain outside Europe, the company can still replenish without input from affected sites.
Eisai’s production division spans nine manufacturing locations worldwide. Besides its three factories in Japan, the company has sites in China, India, Indonesia, and the United States and a 60,000-square-meter facility in the United Kingdom.
This Hertfordshire-based global production center supplies countries in the Middle East, Africa, the Americas, Asia, and Europe.
In response to the cyber attack, Eisai Group promptly mobilized its incident response plan. It assembled a company-wide task force in collaboration with cybersecurity partners. They are concurrently investigating the potential of data leakage. Organizations like Eisai employ large-scale anti-virus solutions to combat such attacks.
During these investigations, Eisai’s corporate websites and email systems remain operational. The company, committed to transparent communication with stakeholders, will provide further updates as the situation develops. However, details about whether a ransom was paid are currently withheld due to ongoing investigations with law enforcement.
Back in 2008, Eisai expanded its international presence with the acquisition of US biotech firm MGI Pharma for $3.9 billion.
Eisai Group, specializing in neurology and oncology, has a broad cancer product portfolio. They include treatments for advanced renal cell carcinoma, dementia linked to Alzheimer’s disease, and refractory cancers.
The company also engages in various research and development projects with pharma behemoth Merck. In addition, it has a strategic collaboration with Bristol Myers Squibb and several academic institutions.
In the fiscal year 2022, the Tokyo-based firm reported revenue of ¥744.402 billion ($5.3 billion). This reflected a 1.6 percent drop from 2021. The operating profits were ¥40.04 billion ($290 million).
Not a New Punch
This ransomware attack is the latest in a series of similar cyber threats against the biotech and pharmaceutical industry. Previous victims include Enzo BioTech and Professional Finance Company. Both experienced significant data breaches impacting millions of individuals.
Eisai Group is currently investigating the attack’s potential impact on its earnings forecast for the latest fiscal year. No ransomware group has claimed responsibility for the attack.
In a statement, Eisai expressed remorse for any inconvenience and concern caused to partners and stakeholders. The company has stated that it’s working diligently with external experts and law enforcement to safeguard its systems and ensure a successful recovery.