A threat actor has claimed a breach involving InfoDesk, alleging that employee data from multiple pharmaceutical, medical, and financial organisations has been exposed.
The alleged incident involves internal employee directories from 18 organisations, including companies in the pharmaceutical and biotechnology sectors such as Bayer, GSK, Johnson & Johnson, Merck, Moderna, Novo Nordisk, Sanofi, and Vertex Pharmaceuticals. Medical technology firms, including Abbott, Medtronic, and Olympus Corporation, were also listed. Additional organisations named include the International Monetary Fund and Kearney.
According to the report, the breach is said to have occurred in February 2026 and was later advertised on a dark web forum, where the actor claimed to be selling the data. Researchers who reviewed samples provided by the actor stated that the dataset contains employee records from the listed organisations.
The data sample reviewed included a limited number of entries, with approximately five records per company. These records contained full names and corporate email addresses. The actor claimed to hold up to 1,000 records per organisation, although this figure has not been independently verified.
Researchers stated that the exposed data could be used in phishing campaigns. They said that names and email addresses associated with specific organisations could be used to create messages intended to obtain credentials or deliver malicious files.
At the time of publication, InfoDesk had not issued a public response to requests for comment regarding the alleged breach.
The report described the incident as involving a third-party service provider used by multiple organisations. It referenced other cases in which access to organisations was obtained through external vendors that manage shared systems or data.