What is Cencora, formerly known as AmerisourceBergen?

Cencora, formerly known as AmerisourceBergen, is a major player in the pharmaceutical services sector, offering distribution and various solutions catering to doctors' offices, pharmacies, and animal healthcare.

What happened in the Cencora cybersecurity incident?

Unauthorized threat actors accessed and exfiltrated data from Cencora's corporate information technology systems. Cencora engaged with law enforcement, external cybersecurity specialists, and legal advisors to conduct a thorough investigation.

What type of data was stolen in the Cencora data breach?

The data exfiltration potentially included personal information, although specific details about the nature of the stolen data have not been disclosed.

Is there any connection between Cencora's cyberattack and the recent ransomware attack on Optum Change Healthcare?

Cencora claims that there is no evidence to suggest any connection between its cyberattack and the recent ransomware attack on Optum Change Healthcare.

Incident

Cencora pharmaceutical reports cyberattack and data breach

published: Feb. 28, 2024

Learn More

Cencora, formerly known as AmerisourceBergen, has reported a cybersecurity incident where unauthorized threat actors accessed and exfiltrated data from its corporate information technology systems. Censora is a major player in the pharmaceutical services sector, offers distribution and various solutions catering to doctors' offices, pharmacies, and animal healthcare.

Cencora became aware of the data exfiltration, which potentially included personal information and has engaged with law enforcement, external cybersecurity specialists, and legal advisors to conduct a thorough investigation.

No details are disclosed about the nature of the attack, data stolen or number of affected individuals.

Update - As of 20th of May 2024, Cencora reports the exposed data includes:

Patient names
Postal addresses
Dates of birth
Health diagnoses
Medication details

The breached information was obtained through Cencora’s partnerships with various pharmaceutical companies.

The impacted companies include:

Novartis Pharmaceuticals Corporation
Bayer Corporation
AbbVie Inc.
Regeneron Pharmaceuticals, Inc.
Genentech, Inc.
Incyte Corporation
Sumitomo Pharma America, Inc.
Acadia Pharmaceuticals Inc.

As of 1st of August 2024, Cencora has notified over 1.43 million individuals across the United States that their personal and protected health information was compromised.

Despite the immediate and response to the cyberattack, Cencora has stated that it has not yet ascertained the potential material impact of the incident on its financial standing or operational capabilities. The company's claims that there is no evidence to suggest any connection between this cyberattack and the recent ransomware attack on Optum Change Healthcare, which has caused significant disruptions in pharmaceutical billing systems.

As of now, there has been no claim of responsibility for the recent cyberattack on Cencora by any ransomware gangs, nor has there been additional information regarding the identity of the perpetrators behind the breach

Cencora pharmaceutical reports cyberattack and data breach

Read More
Truepill pharmacy provider reports data breach, exposes 2.3 …
Crescent Community Health Center’s InFocus Pharmacy reports data …
Embargo ransomware gang claims breach of American Associated …
SaaS provider Workiva reports customer data breach in …
German pharma wholesaler AEP hit by ransomware attack