// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-newsDTG 0600Z
ColdRecon / Breach Radar / West Pharmaceutical Services
Breach Record

West Pharmaceutical Services

DISCLOSED 2026-05-28 · RANSOMWARE · RANSOMWARE

West Pharmaceutical Services confirmed a cybersecurity incident involving data theft and encryption of parts of its internal network. The attack is consistent with ransomware, though no specific threat actor has been named. The company is a major manufacturer in the pharmaceutical sector.

The record

What we know

Disclosed
2026-05-28
Attack vector
Ransomware
Sector
pharmaceuticals
RANSOMWARE ENDPOINT INVOLVED
ColdRecon assessment

Could a positive-security control have prevented this?

Verdict · unclear · opinion

Without details on the initial access vector, it is unclear whether a positive-security model would have prevented the attack. If the ransomware relied on unauthorized changes to endpoints, an allowlist approach could have blocked execution, but the facts do not specify how the encryption was deployed.

Our assessments are opinion, grounded in the cited public facts. Read them critically.

Sources

Cited reporting

Similar vector · recent

Other ransomware breaches on file

This page is the permanent ColdRecon entry for the West Pharmaceutical Services disclosure. It updates if new public reporting emerges. All tracked breaches →

West Pharmaceutical Services just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →