West Pharmaceutical Services
A NYSE-listed manufacturer (NYSE: WST) of drug-delivery packaging components for global pharmaceutical supply chains, based in Exton, Pennsylvania.
Last refreshed: 20 May 2026 · Appears in 1 active topic
If a pharma supply-chain manufacturer goes dark globally, how long before drug-delivery timelines are affected?
Timeline for West Pharmaceutical Services
Mentioned in: Alabama bank files a live-breach 8-K
Cybersecurity: Threats and DefencesFiled Form 8-K on 7 May declaring a 4 May ransomware incident material; took global operations offline
Cybersecurity: Threats and Defences: West Pharma SEC 8-K on ransomware haltWhat happened to West Pharmaceutical Services in May 2026?
What does West Pharmaceutical Services make?
Who claimed responsibility for the West Pharmaceutical Services cyberattack?
Background
West Pharmaceutical Services is a NYSE-listed (WST) US manufacturer of containment and delivery components for injectable drugs, headquartered in Exton, Pennsylvania. The company supplies pharmaceutical packaging, including rubber stoppers, seals, and self-injection systems, to virtually every major global pharmaceutical manufacturer and biotechnology company, positioning it as a critical node in the pharmaceutical supply chain. Revenue for fiscal year 2025 was approximately $2.9 billion, and the company employs roughly 10,000 people across manufacturing facilities in North America, Europe, and Asia-Pacific.
West Pharmaceutical Services filed a Form 8-K with the SEC on 7 May 2026, disclosing a material cybersecurity incident detected on 4 May. The filing reported data exfiltration and full-system encryption, with operations taken offline globally across shipping, manufacturing, and shared services. Palo Alto Networks Unit 42 was engaged as forensic responder. No ransomware group had publicly claimed responsibility at the time of filing, but the operational description, simultaneous exfiltration and encryption, is consistent with a double-extortion ransomware model. Manufacturing was resuming site by site as of the filing date.
The West Pharma 8-K is significant for two reasons: it follows Stryker's April 2026 8-K/A for a Handala-related incident as a second listed CNI-adjacent manufacturer disclosing material operational disruption without ransom-group attribution; and it extends the cyber-incident disclosure baseline through existing statute (the SEC's 2023 cyber-disclosure rule) rather than new legislation. The paired filings establish that operational disruption severe enough to move the quarter crosses the SEC materiality threshold independently of public extortion activity or threat-actor attribution.