The Cencora Data Breach resulted in theft of sensitive data after malicious actors gained unauthorized access to their corporate IT systems.
The pharmaceutical company Cencora has recently reported a cyberattack in which malicious actors gained unauthorized access to their corporate IT systems.
Cencora, formerly known as AmerisourceBergen, is a prominent player in the pharmaceutical industry. They offer a range of services, including drug distribution and solutions tailored for medical practices, pharmacies, and animal healthcare.
Cencora Data Breach, What Happened?
Cencora, a company that generated $262.2 billion in revenue during the fiscal year 2023 and employs around 46,000 individuals, has recently reported a significant incident. In a Form 8-K filing with the U.S. Securities and Exchange Commission (SEC), Cencora disclosed that they experienced a cyberattack resulting in the theft of data.
“On February 21, 2024, Cencora, Inc. (the “Company”), learned that data from its information systems had been exfiltrated, some of which may contain personal information,” Reads the SEC filing.
Following the detection of the unauthorized activity, Cencora implemented measures to contain the incident. They have initiated a thorough investigation in collaboration with law enforcement agencies, external cybersecurity experts, and external legal advisors.
At this stage, it remains uncertain whether the Cencora Data Breach will have a material impact on Cencora’s financial standing or operational activities. The company is diligently assessing the situation to determine the full extent of the incident and its potential implications.
When Cencora was asked for further details regarding the cyberattack, the company directed to the statement provided in the SEC filing. While Cencora confirmed the occurrence of the cyberattack, they clarified that it is not connected to the Optum hack.
“We have no reason to believe there is a connection between the incident at Change and the unauthorized activity at Cencora,” Cencora said in a statement to BleepingComputer
Currently, there is no additional information available regarding the identity of the threat actors responsible for Cencora Data Breach and no ransomware groups have claimed responsibility for the cybersecurity incident.
However, it is worth noting that in February 2023, a ransomware group called Lorenz previously said that they had breached Cencora (then known as AmerisourceBergen). They claimed to have stolen data related to the Animal Health division.
It is important to await further updates and official statements regarding the ongoing investigation into this cyberattack.