West Pharmaceutical Companies disclosed that it was the goal of a cyberattack that resulted in information exfiltration and system encryption.
The corporate mentioned that it detected a compromise on Could 4th. An investigation into the incident decided that the attacker stole information from the community.
“On Could 7, 2026, West Pharmaceutical Companies, Inc. decided that […it] has skilled a cloth cybersecurity assault, wherein sure information was exfiltrated by an unauthorized get together and sure programs have been encrypted,” West Pharmaceutical Companies notes in a submitting with the U.S. Securities and Change Fee (SEC).
“Upon preliminary detection of an intrusion on Could 4, 2026, the corporate promptly activated its incident response protocols, together with proactively taking programs offline globally for containment functions, notifying legislation enforcement, and fascinating exterior cyber-forensic specialists.”
An investigation is at the moment underway to find out the precise nature and scope of the incident, and the kind of information the attacker stole.
West Pharmaceutical Companies is a publicly traded, S&P 500 American pharmaceutical manufacturing firm with annual revenues exceeding $3 billion and greater than 10,800 workers globally.
The corporate makes a speciality of injectable drug packaging, syringe and vial elements, containment programs, and drug supply units.
The cyberattack triggered a response that inevitably disrupted the corporate’s international enterprise operations.
The agency says it has restored its core enterprise programs that help transport and manufacturing operations, and manufacturing has been partially restarted.
Full restoration of all programs has not but been achieved, and no timeline for finalizing this restoration was supplied presently.
Equally, the corporate has not made any estimates in regards to the incident’s materials affect on its financials.
It’s value noting that West Pharmaceutical Companies said that it has taken steps to mitigate the chance of the dissemination of the exfiltrated information, however hasn’t specified precisely what these steps are.
BleepingComputer has contacted the agency with a request for feedback in regards to the assault, its affect, and its present incident administration plan. An organization spokesperson mentioned that instantly after detecting the intrusion, incident response and disaster administration protocols have been activated.
“Following preliminary detection of an intrusion on Could 4, 2026, West Pharmaceutical Companies promptly applied a sequence of technical and organizational measures to include and mitigate the potential affect. This included the proactive shutdown and isolation of affected on-premise infrastructure for containment functions, restriction of entry to enterprise programs, and activation of additional incident response and disaster administration protocols, together with notifying legislation enforcement.”
West Pharmaceutical Companies additionally engaged Palo Alto Networks’ Unit 42 for incident response, containment, and restoration efforts, in coordination with different exterior specialists and authorized counsel.
No ransomware teams have taken credit score for the assault on West Pharmaceutical Companies on the time of writing.
AI chained 4 zero-days into one exploit that bypassed each renderer and OS sandboxes. A wave of recent exploits is coming.
On the Autonomous Validation Summit (Could 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls maintain, and closes the remediation loop.
