Trends
Cencora says additional patient data stolen in February cyberattack
U.S. drug distributor Cencora has confirmed that additional sensitive patient data was stolen in a February cyberattack, including personally identifiable and health information.
Headline
U.S. drug distributor Cencora has confirmed that additional sensitive patient data was stolen in a February cyberattack, including personally identifiable and health information.
Context
OUR TAKE This incident underscores the persistent cyber threats facing healthcare providers and the need for robust security measures. Cencora’s proactive response is commendable but highlights the importance of continuous vigilance and investment in cybersecurity to protect sensitive patient data. Other firms should take heed and reinforce their own defences. –Vicky Wu, BTW reporter U.S. drug distributor Cencora has revealed that additional sensitive patient data, beyond what was initially reported, had been stolen in a cyberattack and data breach that occurred in February. The company initiated an investigation into the incident earlier this year and has now completed its review of most of the exfiltrated data. Cencora confirmed that the compromised data included personally identifiable information and protected health information of individuals, primarily related to those supported by a subsidiary of the company. Affected individuals and relevant regulatory agencies have been notified as required, according to a regulatory filing.
Evidence
Pending intelligence enrichment.
Analysis
While Cencora continues to review the data, it has assured stakeholders that there is no evidence suggesting the data has been or will be publicly disclosed. The company is actively working with cybersecurity experts to enhance its surveillance and defences against future threats. Despite the breach, Cencora maintains that the incident has not had a material impact on its operations. Also read: Indonesian cyberattack exposes rising threats in Southeast Asia Also read: A cyberattack knocked out the heating system in Lviv, Ukraine This incident highlights the ongoing threat that cyberattacks pose to healthcare companies and the sensitive data they handle. As Cencora is a significant player in the pharmaceutical distribution sector, the breach could undermine trust among patients and healthcare providers who rely on the company for secure handling of personal and health-related information.
Key Points
- U.S. drug distributor Cencora has confirmed that additional sensitive patient data was stolen in a February cyberattack, including personally identifiable and health information.
- The company is working with cybersecurity experts to strengthen its defences, and there is no evidence the data has been publicly disclosed.
Actions
Pending intelligence enrichment.
