Novo Nordisk A/S: IT Security incident at Novo Nordisk

Bagsværd, Denmark, 11 June 2026– Novo Nordisk A/S has identified an IT security incident involving unauthorised access to a limited number of internal IT systems. Upon learning of the incident, we launched an investigation with the assistance of external cybersecurity experts, and we are in contact with the relevant authorities.

As part of our response, multiple security measures have been taken, including temporarily taking certain internal IT systems offline to protect our environment. We are working to bring the affected systems back online in a controlled and safe manner; however, we acknowledge this process takes time.

Our core business operations are not impacted and remain up and running.

While our investigation and response are ongoing, we have discovered that certain non-public data, including personal data, were copied externally without authorisation. We are informing the impacted parties as appropriate.

Protecting the security and integrity of our systems and delivering reliable products and support to patients remain our highest priorities.

For more information about this incident, including privacy notifications, go to novonordisk.com.

Novo Nordisk is a leading global healthcare company founded in 1923 and headquartered in Denmark. Our purpose is to drive change to defeat serious chronic diseases built upon our heritage in diabetes. We do so by pioneering scientific breakthroughs, expanding access to our medicines, and working to prevent and ultimately cure disease. Novo Nordisk employs about 67,900 people in 80 countries and markets its products in around 170 countries. For more information, visitnovonordisk.com,Facebook,Instagram,X,LinkedInandYouTube.

• PR261106-IT-incident