Data Breach of More Than a Dozen Drugmakers Puts Patient Info at Privacy Risk

A February data breach at drug distributor Cencora has exposed the personal medical information of tens of thousands of patients, according to filings with numerous state attorneys general (AG) and the Securities and Exchange Commission (SEC).

In April, both Cencora (formerly AmerisourceBergen) and the Lash Group — its patient services partner — notified AGs, including California Attorney General Rob Bonta and Montana Attorney General Austin Knudsen, about the incident which involved the records of people enrolled in the patient services programs of more than a dozen companies.

Cencora quietly broke the news in its February SEC report, saying “On February 21, 2024, Cencora, Inc. learned that data from its information systems had been exfiltrated, some of which may contain personal information. Upon initial detection of the unauthorized activity, the Company immediately took containment steps and commenced an investigation with the assistance of law enforcement, cybersecurity experts and external counsel.”

To read the whole story, click here.

Related Topics