Ransomware victim disclosure
← All victimsViking Therapeutics reported to the SEC following a breach
Claimed by Alphv · listed 3 years ago
Status timeline
- ListedDec 18, 2023
- Data leakeddate unknown
At a glance
- Group
- Alphv
- Status
- Data leaked
- Sector
- Healthcare
- Listed on leak site
- Dec 18, 2023
About the victim
AI dossier — public-source company profileViking Therapeutics is a clinical-stage biopharmaceutical company developing novel therapeutics for metabolic and endocrine disorders. Based in San Diego, California, the company's pipeline includes VK2735 (dual GLP-1/GIP receptor agonist in Phase 3 obesity trials) and VK2809 (thyroid hormone receptor beta agonist). The company is publicly traded and actively conducting clinical development programs.
- Industry
- Biopharmaceutical & Drug Development
- Address
- 9920 Pacific Heights Blvd, Suite 500, San Diego, CA 92121
Attack summary
Severity: high — Publicly traded biopharmaceutical company with active clinical trials; confirmed data exfiltration by ransomware group. Compromise likely includes sensitive clinical trial data, R&D information, and potentially patient information. SEC notification confirms material impact. Lack of specific proof count and data size details prevents 'critical' classification, but high-value intellectual property and regulated clinical data warrant 'high' severity.ALPHV ransomware group claims to have breached Viking Therapeutics and published exfiltrated data. The group has disclosed the attack but specific details about the scope of data compromise or encryption status are not provided in the captured post.
Data the group says was taken
AI dossier — extracted from the leak post- Clinical trial data
- Research and development records
- Corporate and financial information
- Patient/trial participant information
Sources
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

