- 11 leading pharmaceutical companies have filed a breach notification stating they have been affected by the February cyberattack on Cencora.
- Cencora is an American drug wholesale company that does business with the affected pharmaceutical companies.
- In February 2024, Cencora was affected by a smash-and-grab attack during which a lot of its customers’ personal data was stolen.
- While the breach was thought to be contained back then, it spread to the pharmaceutical companies that had partnered with Cencora.
Patient data from several leading drug companies of the world have been exposed due to a data breach that occurred in February 2024. This cyberattack was targeted at Cencora—a company that the now-affected drug companies had partnered with for business purposes.
Cencora is a major pharma company, with more than 46,000 employees and roots in 50 countries globally. In the year 2023, it garnered $262.2 billion in revenue.
The top 15 victims of this extended data breach include:
- AbbVie Inc
- Acadia Pharmaceuticals Inc.
- Bayer Corporation
- Bristol Myers Squibb Company and Bristol Myers Squibb Patient Assistance Foundation
- Dendreon Pharmaceuticals LLC
- Endo Pharmaceuticals Inc.
- Genentech, Inc.
- GlaxoSmithKline Group of Companies and the GlaxoSmithKline Patient Access Programs Foundation
- Incyte Corporation
- Marathon Pharmaceuticals, LLC/PTC Therapeutics, Inc.
- Novartis Pharmaceuticals Corporation
- Pharming Healthcare, Inc.
- Regeneron Pharmaceuticals, Inc
- Sumitomo Pharma America, Inc. / Sunovion Pharmaceuticals Inc
- Tolmar
Out of this, 11 companies have submitted a breach notification letter to the California Attorney General’s office, claiming that this breach is related to the Cencora incident.
Understanding The Cencora Attack
Cencora, formerly known as AmerisourceBergen, had disclosed a cyberattack in February and filed a Form 8-K with the Securities and Exchange Commission (SEC).
The Cencora data breach was first noticed on February 21 (originated from the prescription supply program run by the company’s now-defunct subsidiary Medical Initiatives Inc.) and was immediately contained. However, the damage had already been done.
An investigation revealed that the attack compromised the personal data of Cencora’s users, including their first and last names, addresses, and medications, as well as other details of their prescriptions.
The company immediately notified all those users who were affected by the attack. In fact, as per reports, almost half a million Cencora users have already been notified. However, the actual number of victims could be much higher considering that the company has served over 18 million customers till date.
Thankfully, though, the affected users were given access to two years of free identity protection and credit monitoring, which would help them protect their information.
Speaking of the impact of the attack, there doesn’t seem to be any misuse of the stolen data at the time of writing. Also, the investigation revealed that it was a smash-and-grab attack and not ransomware.
This means that it will probably have no impact on the company’s operations or financial status. However, there’s always a risk of identity theft, phishing, and other forms of data misuse.
As far as Cencora itself is concerned, there’s a risk of a lawsuit or an investigation from the EU to check if there was a violation of the GDPR.
Our Editorial Process