Ransomware victim disclosure
← All victimsViking Therapeutics
Claimed by ALPHV/BlackCat · listed 3 years ago
Status timeline
- ListedDec 19, 2023
- Data leakeddate unknown
At a glance
- Group
- ALPHV/BlackCat
- Status
- Data leaked
- Country
- United States
- Sector
- Healthcare
- Listed on leak site
- Dec 19, 2023
About the victim
AI dossier — public-source company profileViking Therapeutics, Inc. is a clinical-stage biopharmaceutical company founded in September 2012 and headquartered in San Diego, California. The company develops novel therapies for metabolic and endocrine disorders, with a focus on obesity and lipid management through compounds such as VK2735 (a dual GLP-1/GIP agonist) and VK2809 (a thyroid hormone receptor beta agonist).
- Industry
- Biopharmaceutical — Clinical-Stage Development
- Address
- 9920 Pacific Heights Blvd, Suite 500, San Diego, CA 92121
- Founded
- 2012
Attack summary
Severity: high — A publicly traded clinical-stage biopharmaceutical company is a high-value target. Confirmed data publication by a major ransomware group (ALPHV/BlackCat) indicates exfiltration of sensitive business data, including likely pre-clinical research, trial data, and proprietary drug development information. Despite lack of explicit detail in the post, the combination of confirmed breach, data publication, and the sensitive nature of clinical-stage drug development warrants 'high' severity.ALPHV/BlackCat claims to have compromised Viking Therapeutics and published data. The post does not explicitly state whether the attack involved encryption, exfiltration, or both, nor does it specify which data categories were accessed or exposed.
What the group claims
Viking Therapeutics, Inc. is a clinical-stage biopharmaceutical company, which engages in the development of therapies for metabolic and endocrine disorders. The company was founded by Brian Lian and Michael A. Dinerman on September 24, 2012 and is headquartered in San Diego, CA.
Sources
- Victim sitevikingtherapeutics.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

