Cencora cyber attack affects 11 major pharmaceutical firms

A February cyber attack on U.S. pharmaceutical solutions company Cencora has led to data breaches across 11 prominent drug companies. Cencora, formerly AmerisourceBergen, detected unauthorized activity on its systems on February 21, with data exfiltration confirmed shortly after that.

In a breach notification filed on February 28, Cencora stated that the incident had not materially impacted its operations or information systems. However, Cencora has yet to determine the potential financial impact of the breach.

The cyber attack’s ripple effect has resulted in data breach disclosures from Cencora’s partner companies, including major pharmaceutical firms such as Bayer, Novartis, Regeneron, AbbVie, Incyte, Genentech, Sumitomo Pharma, GlaxoSmithKline, Acadia, Endo Pharmaceuticals, and Dendreon. These companies reported data breaches to the California Attorney General, attributing the incidents to the Cencora cyber attack.

Data breach notifications from the affected firms, heavily influenced by Cencora affiliate Lash Group, were sent out on April 18. The notifications indicated compromised data included personal information such as names, addresses, birth dates, health diagnoses, medications, and prescriptions. Despite the breach, no evidence suggests that the stolen information has been publicly disclosed or misused for fraudulent purposes.

Cencora’s SEC Form 8-K filing from February 2024 revealed the initial discovery of the IT system intrusion. The company stated that the data exfiltrated “may contain personal information.” Despite the significant breach, Cencora’s systems remain operational, and the full extent of the impact on its financial condition is still under assessment.