Pfizer Inc. said some documents it had submitted to Europe’s top drug regulator regarding its COVID-19 vaccine had been accessed in a cyber-attack on the agency.

The U.S. drugmaker and German partner BioNTech SE said in a statement they had been told by the European Medicines Agency that some documents relating to the regulatory submission for their vaccine that had been stored on the EMA server had been unlawfully accessed.

The companies said that none of their systems had been breached in connection with the incident and that “we are unaware that any study participants have been identified through the data being accessed.”

The companies said EMA informed them that the attack would have no effect on the timing of the vaccine review.

Pfizer shares were down 1.6 per cent to US$41.88 at 3:19 p.m. in New York.

The European Medicines Agency issued a brief statement Wednesday saying that it had been attacked and had “swiftly launched a full investigation, in close cooperation with law enforcement and other relevant entities.” It declined further comment.

Since the pandemic began, hackers aligned with governments including Russia and China have been accused of targeting companies and research institutions working on Covid-19 research. Cybersecurity researchers at International Business Machines Corp., for instance, recently disclosed that unknown hackers, probably tied to a nation-state, were targeting companies and government agencies involved in vaccine distribution.

The hackers pretended they were from one of the world’s largest cold-chain providers, who offer the type of refrigeration necessary for certain vaccines. It wasn’t clear if the victims fell for the scam. But if they did, the credentials they stole could help an attacker “gain insight into internal communications, as well as the process, methods and plans to distribute a COVID-19 vaccine,” IBM Security said in a statement.

In addition, in November, Microsoft Corp. said hackers in Russia and North Korea had targeted seven “prominent” companies working on vaccines and treatment research. Microsoft, which didn’t identify the companies, said the majority of the attacks were blocked.

In July, the U.K., U.S. and Canadian governments accused Russian intelligence of attempting to steal private information from researchers racing to develop a vaccine. And in May, the U.S. government warned that hackers working for the Chinese government were trying to steal research on vaccines and treatments from U.S. health care, pharmaceutical and research organizations.