Krystal BioTech reports data breach, exposing customer information

Krystal BioTech, Inc., a biotechnology firm based in Pittsburgh, Pennsylvania, specializing in the development of genetic medicines, reported a significant data breach, disclosing that an unauthorized party had accessed sensitive consumer information.

Krystal took steps to secure its systems and enlisted the expertise of cybersecurity professionals to conduct a thorough investigation. This investigation confirmed the unauthorized access to confidential information.

The breach was discovered through a third-party notification on November 16, 2023 and has exposed customer data inlcuding:

• names,
• Social Security numbers,
• financial account information,
• driver's license numbers

No details are disclosed about the number of affected individuals or the nature of the attack

The breach notification letters sent out by Krystal on January 30, 2024, aim to inform affected individuals about the specific details of their compromised information.