EMA reported the cyberattack on December 9, launching an investigation to find out which of its systems exactly had been hacked. Among other things, the agency is responsible for reviewing vaccines and making recommendations on their use and sale in the European Union.
"EMA has been the subject of a cyberattack. The Agency has swiftly launched a full investigation, in close cooperation with law enforcement and other relevant entities", the agency said in a statement.
According to the report, foreign intelligence services were specifically after information about the coronavirus vaccines developed by the Pfizer-BioNTech duo and Moderna.
Pfizer and BioNTech released a statement in which they stressed that their IT systems remained secure, including patients' personal data.
"Today, we were informed by the European Medicines Agency (EMA) that the agency has been subject to a cyberattack and that some documents relating to the regulatory submission for Pfizer and BioNTech’s COVID-19 vaccine candidate, BNT162b2, which has been stored on an EMA server, had been unlawfully accessed," the statement said. "It is important to note that no BioNTech or Pfizer systems have been breached in connection with this incident and we are unaware that any study participants have been identified through the data being accessed."
The broadcaster's source said that the cyberattack was noticed when perpetrators used the credentials of an EMA employee to log into the corporate system after-hours.
The report did not point at any particular foreign government.