Security News > 2024 > May > Cencora data breach exposes US patient info from 11 drug companies
Some of the largest drug companies in the world have disclosed data breaches due to a February 2024 cyberattack at Cencora, whom they partner with for pharmaceutical and business services.
In February 2024, Cencora disclosed a data breach in a Form 8-K filing with the SEC, stating that unauthorized parties gained access to its information systems and exfiltrated personal data.
Today, the California Attorney General's office published multiple data breach notification samples submitted in the past couple of days by some of the largest pharmaceutical firms in the United States, all attributing their data exposure to the February Cencora incident.
"Cencora, Inc. and its Lash Group affiliate partner with pharmaceutical companies, pharmacies, and healthcare providers to facilitate access to prescribed therapies through drug distribution, free trial offers, co-pay coupons, patient support and services, and other services," reads a related data breach notification from Novartis.
"We take the privacy and protection of the information entrusted to us very seriously. Cencora is writing to let you know about an event that involved your personal information that Cencora maintains in connection with its patient support programs on behalf of Novartis Pharmaceuticals Corporation."
BleepingComputer has reached out to Cencora to learn more about the data breach incident as well as the number of people impacted, but a spokesperson declined to provide additional details, pointing us to a news release issued last week.
News URL
Related news
- Cencora data breach exposes US patient info from 8 drug companies (source)
- Kaiser Permanente: Data breach may impact 13.4 million patients (source)
- Collection agency FBCS warns data breach impacts 1.9 million people (source)
- Panda Restaurants discloses data breach after corporate systems hack (source)
- 2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element (source)
- UK confirms Ministry of Defence payroll data exposed in data breach (source)
- Dell warns of data breach, 49 million customers allegedly affected (source)
- 'Four horsemen of cyber' look back on 2008 DoD IT breach that led to US Cyber Command (source)
- Dell API abused to steal 49 million customer records in data breach (source)
- Largest non-bank lender in Australia warns of a data breach (source)