$25M ransom demand hits Ozempic maker

Interesting how the article frames this as a security incident rather than an IP extraction event. The $25M demand is almost secondary to what was actually taken: clinical trial data and AI model information. That's not just patient records. That's the proprietary pipeline for GLP-1 drug discovery. Novo Nordisk's entire competitive moat against Eli Lilly and a dozen generics hinges on those models. I've been thinking about the asymmetry here. Pharma companies spend billions training these AI-driven drug discovery models on decades of proprietary clinical data. A single breach can replicate years of R&D in weeks. The hackers don't need to sell the data. They can sell the inference capability. That's a fundamentally different threat model than ransomware. The $25M is theater. The real value is in the exfiltrated model weights. This also surfaces an uncomfortable question about clinical trial data sovereignty. When a company like Novo Nordisk aggregates patient outcomes from dozens of countries into one training set, who actually owns the derived intelligence? The patients consented for one use. The AI model enables entirely new uses. That gap is where these attacks find leverage. What's the recovery plan here? You can rotate passwords. You cannot rotate a trained neural network.