AMSTERDAM — The European Union's drug regulator said Friday that COVID-19 vaccine documents stolen from its servers in a cyberattack have been not only leaked to the web, but "manipulated" by hackers. 

The European Medicines Agency said that an ongoing investigation into the cyberattack showed that hackers obtained emails and documents from November related to the evaluation of experimental coronavirus vaccines. The medicines agency, which regulates drugs and medicines across the 27-member EU, had troves of confidential COVID-19 data as part of its vaccine approval process. 

"Some of the correspondence has been manipulated by the perpetrators prior to publication in a way which could undermine trust in vaccines," the agency said. 

It said that given the devastating toll of the pandemic, there was an "urgent public health need to make vaccines available to EU citizens as soon as possible." The EMA insisted that despite that urgency, its decisions to recommend the green-lighting of vaccines were based "on the strength of the scientific evidence on a vaccine's safety, quality and efficacy, and nothing else."

The agency, which is based in Amsterdam, came under heavy criticism from Germany and other EU member countries in December for not approving vaccines against the virus more quickly. The EMA issued its first recommendation for the Pfizer and BioNTech vaccine weeks after the shot received approval in Britain, the United States, Canada and elsewhere. 

The European Medicines Agency recommended a second vaccine, made by Moderna, for use earlier this month. A third shot made by AstraZeneca and Oxford is currently under consideration by the agency. 

The EMA said law enforcement authorities are taking "necessary action" in response to the cyberattack.