A significant cyber attack on US pharmaceutical solutions company Cencora in February has led to data breaches impacting 11 major pharmaceutical firms. The attack, detected on February 21, involved unauthorized access and data exfiltration from Cencora’s systems.
In a February 28 breach notification, Cencora stated, “As of the date of this filing, the incident has not had a material impact on the company’s operations, and its information systems continue to be operational. The company has not yet determined whether the incident is reasonably likely to materially impact the company’s financial condition or results of operations.”
Subsequently, 11 pharmaceutical companies partnering with Cencora reported their data breaches. These companies include:
- Bayer Corporation: Known for the origin and first marketing of aspirin.
- Novartis Pharmaceuticals: One of the largest pharmaceutical companies in the world.
- Regeneron Pharmaceuticals, Inc: Known for ophthalmology, oncology, and immunology treatments.
- AbbVie Inc: Creator of Humira, used to treat rheumatoid arthritis among other conditions.
- Incyte Corporation: Developer of Jakafi, used to treat myelofibrosis.
- Genentech, Inc: Leader in biotechnology, particularly in cancer treatment.
- Sumitomo Pharma America, Inc: Specializes in neurology, oncology, and psychiatry.
- GlaxoSmithKline Group: Global organization providing vaccines, pharmaceuticals, and consumer healthcare.
- Acadia Pharmaceuticals Inc: Creates treatments for central nervous system disorders.
- Endo Pharmaceuticals Inc: Develops medications for urology, endocrinology, and pain management.
- Dendreon Pharmaceuticals LLC: Specializes in oncology and immunotherapy treatments for prostate cancer.
According to notifications published by the California Attorney General’s office, the Cencora cyber incident catalyzed these breaches. The 11 companies issued similar notifications, heavily informed by Cencora affiliate partner Lash Group, who alerted the organizations about the incident on April 18.
The Bayer notification reads, “Based on our investigation, personal information was affected, including potentially your first name, last name, address, date of birth, health diagnosis, and/or medications and prescriptions. “
The statement further added, “There is no evidence that any of this information has been or will be publicly disclosed, or that any information was or will be misused for fraudulent purposes as a result of this incident, but we are communicating this to you so that you can take the steps outlined below to protect yourself. ”
As these companies and affected individuals navigate the fallout from the Cencora cyber attack, the necessity of robust cybersecurity measures becomes increasingly evident in safeguarding sensitive personal and corporate data.
In light of these breaches, many individuals and companies are seeking the best VPN services to secure their online activities and protect sensitive data. Utilizing a reliable VPN can provide an additional layer of security against such cyber threats, ensuring better protection for digital communications and data.
In Other News:
- Microsoft Ties Executive Pay to Cybersecurity Performance in Bold Move.
- MediSecure Hit by Major Ransomware Attack, Compromises Customer Data.
- Ransomware Attacks Leverage Microsoft’s Quick Assist for Cyber Exploits.