Cyber Incident Victim: Uppsala Monitoring Centre

On the night of January 19-20, 2024, IT services provider Tietoevry detected a cyber attack targeting one of its data centers in Sweden, which hosted critical infrastructure for Uppsala Monitoring Centre (UMC). Tietoevry responded by isolating affected systems to contain the incident, but this action caused widespread service disruptions across UMC’s WHODrug and Vigi application portfolios. The attack’s impact became apparent on January 20 when UMC announced service unavailability across multiple platforms, affecting pharmaceutical safety monitoring systems used by the Programme for International Drug Monitoring members and other stakeholders. By January 23, 2024, operational status updates showed significant ongoing outages: VigiBase API, VigiFlow, VigiLyze, and seven WHODrug services remained completely non-operational, while WHODrug Download API was partially functional. Vaccine eReporting, VigiAccess, VigiMobile, and Primary eReporting were among the few services restored to normal operation during this period.

UMC activated a crisis management team to coordinate incident response, maintain communication with Tietoevry, and prepare for service restoration once infrastructure repairs concluded. Director Dr. Peter Hjelmström publicly acknowledged the severity of the disruption, apologizing to stakeholders while clarifying that recovery timelines remained uncertain as Tietoevry continued remediation work. UMC confirmed no evidence of data compromise but maintained continuous monitoring of its systems throughout the outage. The organization provided daily status updates via its website and email subscriptions, detailing affected services and advising users to contact support for unresolved technical issues. Service interruptions persisted beyond January 23, with critical drug safety tools like WHODrug Insight, WHODrug Koda, and VigiBase Custom Searches remaining offline due to dependencies on Tietoevry’s compromised infrastructure.