Ransomware Attack Disrupts German Pharmaceutical Supplies, Affects Thousands of Pharmacies

AEP, a pharmaceutical wholesaler based in Bavaria, Germany, has reported a significant ransomware attack that has disrupted medicine supplies to over 6,000 pharmacies across the country. In a statement, AEP described the cyberattack as “targeted and criminal,” resulting in the encryption of parts of its IT infrastructure and forcing the company to suspend some operations.

The incident, discovered last week, prompted AEP to swiftly implement extensive protective measures. The company disconnected all external connections and shut down affected systems to contain the impact. With around 200 employees and a network spanning thousands of pharmacies, AEP is now working alongside external cybersecurity and forensic experts to restore its systems and mitigate further damage.

Communication with the company has been significantly impacted, with AEP stating that it is currently unreachable by phone and can only respond to emails on a limited basis.

The Bavarian Pharmacists Association has assured that pharmacies affected by AEP’s disruptions should be able to source essential medicines from other wholesalers, minimising the immediate impact on patients. The Bavarian State Criminal Police Office has also launched an investigation into the cyberattack.

This attack highlights the continued vulnerability of the pharmaceutical supply chain to ransomware. Earlier this year, the industry saw similar disruptions, including incidents affecting Cencora, a major pharmaceutical distributor, and Change Healthcare, which impacted U.S. prescription services nationwide.

As AEP continues its recovery efforts, the incident underscores the critical importance of robust cybersecurity in protecting the healthcare sector’s supply chain and ensuring continuity of care.