Major Pharmaceutical Player Cencora Reports Data Breach

A leading entity in the pharmaceutical distribution sector, Cencora, has announced a significant security breach within their corporate IT infrastructure. The company, which was known as AmerisourceBergen before rebranding, is a pivotal player in the healthcare industry. 

It reported a revenue of more than $262 billion in the fiscal year 2023 and offers a range of services from drug distribution to comprehensive solutions catering to pharmacies, healthcare practices, and veterinary services.

Disclosure of the Cyberattack

The breach was formally acknowledged in a filing with the Securities and Exchange Commission (SEC), where Cencora detailed the cyberattack’s implications. 

The company’s statement in the Form 8-K filing highlighted the gravity of the situation: “On February 21, 2024, Cencora, Inc. (the ‘Company’), learned that data from its information systems had been exfiltrated, some of which may contain personal information.”

Response and Investigation

After discovering the incident, Cencora took swift action to contain the breach and initiated a comprehensive investigation. The company is collaborating closely with law enforcement agencies, external cybersecurity experts, and legal advisors to delve into the incident’s specifics and mitigate any potential fallout.

Despite the immediate containment measures, Cencora has yet to ascertain the full extent of the breach’s impact on their financial stability and operational continuity. The company is diligent in its efforts to understand the ramifications and is committed to maintaining transparency with all stakeholders.

Clarification Regarding Unrelated Cyber Incidents

Cencora has made it clear that this cybersecurity incident is not related to the ransomware attack on Optum Change Healthcare, which has caused significant disruptions in pharmaceutical billing systems.

The company stated, “We have no reason to believe there is a connection between the incident at Change and the unauthorized activity at Cencora,” reinforcing that the two events are separate and unrelated.

Ongoing Concerns and Previous Incidents

The identity of the perpetrators behind this cyberattack remains unknown, and no ransomware groups have come forward to claim responsibility. 

However, a ransomware group named Lorenz had previously claimed to attack the company in February 2023, targeting the Animal Health division while Cencora was still operating under the AmerisourceBergen name.

Final Word

As Cencora works diligently to investigate and address this breach, the incident serves as a stark reminder of the importance of robust cybersecurity measures and the need for constant vigilance in protecting sensitive data.