Table of Contents
CONSHOHOCKEN, Pa. — Health care distributor Cencora is informing the public that criminals have stolen their personal and sensitive medical information following a cyberattack and data breach early this year, TechCrunch reported Friday.
In letters to affected individuals sent out this week, Cencora said that the data from its systems includes patient names, their postal address and date of birth, as well as information about their health diagnosis and medications.
Cencora, whose investors include pharmacy chain Walgreens, disclosed the data breach in February, noting that it immediately took corrective steps and started an investigation.
Cencora said it had initially obtained patients’ data through partnerships with the drug makers it works with “in connection with its patient support programs.” That includes patients of Abbvie, Acadia, Bayer, Novartis, Regeneron, and other companies.
“Cencora previously disclosed that data from its information systems had been exfiltrated,” said Mike Iorfino director, Public Relations at Cencora. “Upon initial detection of the unauthorized activity, we immediately took containment steps and commenced an investigation with the assistance of law enforcement, cybersecurity experts and external counsel. Through our investigation, we have identified certain individuals whose personal information was involved in the incident. While there is no evidence that any of the information has been publicly disclosed or misused for fraudulent purposes, we are issuing notification to impacted individuals and working to ensure they have access to resources to help them protect their information. The incident is fully contained and did not impact our operations. We take the security of information entrusted to us very seriously and continue to work with cybersecurity experts to reinforce our systems and information security protocols,” Iorfino added.