Pharma Data Breach

It's been a busy week for the tech industry! Let me tell you what is going on.

U.S. pharmaceutical giant Cencora has recently experienced a significant data breach, compromising personal and sensitive medical information of many individuals. The company is in the process of notifying those affected by the cyberattack, which took place earlier this year.

The stolen data includes patient names, postal addresses, dates of birth, health diagnoses, and medication details. While Cencora hasn't detailed the specifics of the cyberattack, reports suggest it began on February 21 and wasn't publicly acknowledged until the company notified government regulators on February 27.

Formerly known as AmerisourceBergen until 2023, Cencora manages about 20% of pharmaceuticals distributed across the U.S. The total number of affected individuals is still unclear, but so far, Cencora has identified and notified around half a million people. Due to incomplete address information for some individuals, the company has also posted a notice on its website to reach out to those potentially impacted.

This breach follows a similar incident that disrupted Ascension's hospital network, though Cencora insists there's no connection between their breach and the incidents at Change Healthcare or Ascension. As a major player in the healthcare industry, Cencora partners with prominent pharmaceutical companies like GlaxoSmithKline, Novartis, Genentech, Bayer, Regeneron, and Bristol Myers Squibb. The breach has affected at least 23 pharmaceutical and biotechnology companies, indicating a wider impact.

If you've shared your data with any of these companies, it's possible that your information may have been exposed. Cencora, which has served at least 18 million patients, warns that the breach could potentially affect all these individuals.

Although there's no immediate evidence of misuse, the compromised data could end up on the dark web, where it may be used for scams, blackmail, and harassment. The breach included address information, so there's a risk of scammers attempting to contact you by mail, pretending to be from government authorities or other entities.

Cencora completed its investigation into the breach on April 10, 2024, and is offering 24 months of credit monitoring and remediation services to those affected. There are indications that a ransom may have been paid to prevent the release of patient data.

In addition, a class-action lawsuit has been filed against Cencora, accusing the company of failing to adequately protect patient data and delaying the notification process for nearly three months.

In response to our inquiry, a Cencora representative provided this statement:

"Cencora previously disclosed that data from its information systems had been exfiltrated. Upon initial detection of the unauthorized activity, we immediately took containment steps and commenced an investigation with the assistance of law enforcement, cybersecurity experts, and external counsel. Through our investigation, we have identified certain individuals whose personal information was involved in the incident. While there is no evidence that any of the information has been publicly disclosed or misused for fraudulent purposes, we are issuing notification to impacted individuals and working to ensure they have access to resources to help them protect their information. The incident is fully contained and did not impact our operations. We take the security of information entrusted to us very seriously and continue to work with cybersecurity experts to reinforce our systems and information security protocols."

If you think you might be affected by the Cencora data breach, consider taking these steps to protect yourself:

Stay informed: Keep up with the latest updates from Cencora and reliable news sources regarding the breach.
Monitor your accounts and transactions: Regularly check your online accounts and transactions for any suspicious activity. Report any anomalies to your service provider or authorities immediately. Also, review your credit reports and scores for signs of identity theft or fraud.
Use identity theft protection: Consider services that monitor personal information and alert you to unauthorized use. They can also help you freeze your bank and credit card accounts to prevent further misuse.
Change your passwords: Even though Cencora claims phone numbers and email addresses weren't leaked, it's wise to change your passwords. Use a password manager to generate and store strong passwords.
Be vigilant against phishing: Cyberattacks often lead to increased phishing attempts. Protect yourself by installing strong antivirus software that can alert you to phishing emails and ransomware scams.
Be wary of postal scams: Scammers may use your leaked address to send fraudulent mail. Be cautious of mail claiming urgent actions like missed deliveries or account suspensions.
Invest in data removal services: These services can help monitor and automate the removal of your information from online sources. Consider them if you want continuous protection over time.
Stay proactive and protect your personal data to minimize potential risks from this breach.

As always, here will be the source of the information.

Also, while I'm here, have you seen our Surfshark blog?

If not, here we go. Also, have you guys signed up for our newsletter? If not, here we are, a Swiss army knife of information. As you can see.'