2021-09-28 Fortress Biotech, Inc. Cybersecurity Incident

Page last updated on April 11, 2024

Fortress Biotech, Inc. initially disclosed a cybersecurity incident in an SEC 8-K filing on 2021-09-28 16:10:27 EDT.

Incident Details

Material: Unknown
Is Breach: Unknown
Records Compromised: Unknown
Data Types Impacted: No Data Types Tracked (yet)

Compromised Date:
Detected Date:
Disclosure Date: 2021-09-28
Contained Date:
Recovered Date:

Attack Goal: Unknown

Costs: No Costs Tracked (yet)

Filings

8-K filed on 2021-09-28

Fortress Biotech, Inc. filed an 8-K at 2021-09-28 16:10:27 EDT
Accession Number: 0001104659-21-120228

Item 8.01 Other Events.

Alexion Therapeutics and Caelum Biosciences reach the end of the HSR waiting period for purchase

As previously disclosed, on January 30, 2019, Caelum Biosciences, Inc. (“Caelum”), a partner company of Fortress, entered into a Development, Option and Stock Purchase Agreement (as amended, the “DOSPA”) by and among Caelum, Alexion Therapeutics, Inc. (“Alexion”), Fortress and the Caelum security holders parties thereto (including Fortress, the “Sellers”). Under the DOSPA, Alexion has an option (the “Option”) to purchase from the Sellers 100% of the equity securities of Caelum for an upfront option exercise fee of $150 million (of which approximately $64 million would be payable to Fortress), plus up to $350 million in contingent development and sales milestones (such acquisition, if consummated, the “Acquisition”). Ten percent of the upfront option exercise fee would be held in escrow to satisfy potential indemnification obligations, if any, and certain miscellaneous transaction expenses may be deducted from the upfront option exercise fee. Fortress would be eligible to receive approximately 43% of each subsequent cash milestone payable to the Sellers.

Consummation of the Acquisition is conditioned upon, among other things, the expiration of the waiting period (and any extension thereof) or the granting of early termination under the Hart-Scott-Rodino Antitrust Improvements Act of 1976, as amended (the “HSR Act”). The waiting period under the HSR Act expired on September 22, 2021.

Journey Medical Corporation suffers cyber attack.

Fortress has learned that its subsidiary Journey Medical Corporation (“Journey”) has been the victim of a business e-mail compromise cybersecurity incident affecting its accounts payable function that led to approximately $9.5 million in wire transfers being misdirected to apparently fraudulent accounts. The details of the incident and its origin are under investigation with the assistance of third-party cybersecurity experts working at the direction of legal counsel. The incident does not appear to have compromised any personally identifiable information or protected health information. The matter has been reported to the Federal Bureau of Investigations. As the controlling stockholder of Journey and as its supporting partner in its back-office functions, Fortress is providing Journey with $9.5 million to ensure Journey’s accounts payable operations continue to function smoothly.

Company Information