Hackers Target 10x Genomics, A Biotech Company Working On Covid-19 Research

10x Genomics, a California-based biotechnology company working on COVID-19 research, was targeted by hackers last month, as the world was gripped by the novel coronavirus pandemic, according to an 8-K report filed with the Securities and Exchange Commission (SEC).

10x Genomics is part of an international alliance that is involved in the sequencing of cells from patients that have recovered from the COVID-19 virus, in an effort to better understand the disease and fuel the discovery of potential treatments.

According to the SEC filing, 10x Genomics was the target of an attempted ransomware attack, during which the attackers managed to steal some sensitive company data. The data breach was first confirmed by the REvil/Sodinokibi Ransomware group on March 13. The hackers claimed that they had stolen 1 terabyte of data from the company and threatened to publish the first part of the documents if they're not contacted within three days.

Under The Breach, an Israeli-based data-breach monitoring company said that 10x Genomics appeared to have been ''compromised pretty badly''. A spokesperson for 10x Genomics noted that the company had ''isolated the source of the attack and restored normal operations with no day-to-day impact,'' adding that they are already working with law enforcement officials to investigate the breach.

''It is particularly disappointing that we would be attacked at a time when our products are being used by researchers around the world to understand and fight COVID-19,'' 10x Genomics said in a statement.

The REvil/Sodinokibi ransomware group first began to target companies in the health and IT sectors in late 2019. The hackers actively scan the web for compromised systems, typically leveraging Virtual Private Network (VPN) client updater features to deploy their malicious payload.

The current COVID-19 pandemic has proven to be a massive opportunity for cyber-crooks targeting the healthcare industry, and 10x Genomics is far from the only victim just in the past month.

Last month we reported that Hammersmith Medicines Research (HMR), a London-based company involved in the clinical trials of new COVID-19 treatments, was attacked by the notorious Maze Ransomware group on March 14. The company declined to pay the ransom, and the attackers leaked stolen data about thousands of patients.

Malcolm Boyce, managing director of HRM, had to take the difficult decision to not negotiate with the attackers, commenting: ''We've beefed up our defenses since the attack with all sorts of software.''

He warned others in the sector: ''My message to other companies is to do everything possible to safeguard yourself because they are quite capable of putting companies out of business, and they are totally without conscience.''