Data Scam – Breach of National Medicines Regulatory Authority’s Database


The National Medicines Regulatory Authority (NMRA) is one of the key institutions that was controversially discussed during the COVID-19 pandemic, for numerous reasons including its role in granting approval for COVID-19 vaccines for emergency use in Sri Lanka. However, a breach of the (NMRA) database that contains classified information regarding “the formulation of drugs and other confidential supporting documentation” was reported in August 2021. Around 2TB of data was lost in the breach.[1]

This information gap and the information (if leaked) could result in posing an imminent threat to “the business relationships of local drugs companies with their foreign principals”, reported the Sunday Times. However, with the general lack of evidence available in the public domain and the ongoing investigations, this cannot be conclusively proven at the moment.

What is the corruption? 

  • Lack of transparency
  • Neglect or abuse of public property
  • Potentially, an act of “sabotage” as a cover up

What has been done?

  • The Samagi Jana Balawegaya (SJB) filed a complaint at the Criminal Investigations Department.[2]
  • A group led by Venerable Pahiyangala Ananda Sagara Thera filed a complaint at the Criminal Investigations Department.[3]

What can be done?

  • Ensure independent and expeditious investigations
  • Publicly reveal the findings of the investigations
  • Continue demanding accountability and transparency in the public sector and in governance.