Pharmaceutical Giant Cencora Says Data Was Stolen In A Cyberattack

February 28, 2024
Corporate headquarter for Cencora
Image: Cencora (Previously known as AmerisourceBergen)

Pharmaceutical giant Cencora says they suffered a cyberattack where threat actors stole data from corporate IT systems.

Cencora, previously known as AmerisourceBergen, specializes in pharmaceutical services, providing drug distribution and solutions for doctor’s offices, pharmacies, and animal healthcare. 

The Company had $262.2 billion in revenue for fiscal year 2023 and employs approximately 46,000 people.

In a Form 8-K filing with the SEC, Cencora disclosed they suffered a cyberattack that led to data theft.

“On February 21, 2024, Cencora, Inc. (the “Company”), learned that data from its information systems had been exfiltrated, some of which may contain personal information,” reads the SEC filing.

Cencora says they contained the incident and are now working with law enforcement, external cybersecurity experts, and external counsel to investigate it.

Upon initial detection of the unauthorized activity, the company immediately took containment steps and commenced an investigation with the assistance of law enforcement, cybersecurity experts, and external counsel.

Cencora says they have not determined if the incident will materially impact their finances or operations.

When BleepingComputer contacted Cencora to learn more about the incident, they referred us to the statement in the SEC filing.

However, they confirmed that their cyberattack is unrelated to the Optum Change Healthcare ransomware attack that has led to significant outages in pharmaceutical billing.

“We have no reason to believe there is a connection between the incident at Change and the unauthorized activity at Cencora,” Cencora told BleepingComputer in a statement.

At this time, there is no further information on who breached Cencora and no ransomware gangs have taken responsibility.

A ransomware group known as Lorenz previously claimed to have breached Cencora in February 2023 while the company was operating as AmerisourceBergen, stating that they stole data related to the Animal Health division.

Original Source

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee
Patreon

To keep up to date follow us on the below channels.

Tags: , ,

You may have missed

072524 getty ng crowdstrike bus 27 07 2024

Summer-only sessions helped blunt CrowdStrike outage impact on US schools

July 27, 2024
news

Despite Bans, AI Code Tools Widespread in Organizations

July 27, 2024
news

Synnovis Restores Systems After Cyber-Attack, But Blood Shortages Remain

July 27, 2024
news

Hacktivists Claim Leak of CrowdStrike Threat Intelligence

July 27, 2024
CISA Logo

CISA: CISA Releases Three Industrial Control Systems Advisories

July 27, 2024