West Pharmaceutical says hackers stole data, encrypted systems

West Pharmaceutical Services confirmed a cyberattack involving both data theft and ransomware deployment across its systems. The pharmaceutical supplier, which manufactures packaging components and drug delivery systems for major pharmaceutical companies, fell victim to threat actors who exfiltrated sensitive information before encrypting critical infrastructure.

West Pharmaceutical serves as a critical supplier in the drug manufacturing chain, providing vials, syringes, and injection devices to pharmaceutical manufacturers worldwide. A successful attack on this company creates operational risk for its customers and potentially disrupts drug production timelines.

The company has not yet publicly identified the specific threat actor responsible for the attack. The dual-stage compromise—data exfiltration followed by encryption—is characteristic of ransomware operations where attackers steal data to pressure victims into paying extortion demands while also threatening public disclosure of stolen information.

West Pharmaceutical has engaged incident responders to contain the attack and investigate its scope. The company is coordinating with law enforcement and cybersecurity experts as part of standard breach protocols. Details regarding the volume of data stolen, the specific systems encrypted, and the timeline of discovery remain limited.

For organizations dependent on West Pharmaceutical's supply chain, the attack creates immediate operational concerns. Customers may face delays in receiving critical pharmaceutical packaging components. Businesses should contact West Pharmaceutical directly to assess continuity risks and determine alternative sourcing options if necessary.

Data stolen in pharmaceutical supply chain attacks typically includes customer information, manufacturing specifications, product details, and potentially employee records. If the stolen data becomes public, it could expose operational details about drug manufacturing processes and customer relationships.

West Pharmaceutical's attack underscores persistent vulnerabilities in healthcare supply chains. Attackers prioritize suppliers because a single compromise can disrupt multiple downstream customers. Organizations in critical supply chains should implement network segmentation, multi-factor authentication, and continuous monitoring to detect lateral movement before attackers can encrypt systems or exfiltrate data at scale.