US pharmaceutical giant Cencora has been hit by a data breach.
The company notifies affected individuals that their personal and highly sensitive medical information was stolen during a cyberattack and data breach earlier this year.
This includes patient names, mailing addresses, dates of birth, as well as information about their health diagnoses and medications.
RECEIVE SECURITY ALERTS AND EXPERT TIPS – SUBSCRIBE TO THE KURT NEWSLETTER – THE CYBERGUY REPORT HERE
Doctors in discussion (cencora)
What Happened: A Breakdown of Events
Cencora has not yet described the nature of the cyberattack. However, a report claims that the attack began on February 21 and was not made public until the company Notification filed with government regulators. a week later, on February 27.
The pharmaceutical company, known as AmerisourceBergen until 2023, handles about 20% of the pharmaceutical products sold and distributed in the U.S. It is unclear whether Cencora has determined how many people have been affected by the breach. The company says it has so far identified and notified approximately half a million people affected by the data breach. However, Cencora acknowledged that it lacks complete address information for some affected people, so it published a notice on its website to reach them.
The cyberattack on the pharmaceutical giant Cencora came to light shortly after another Attack that interrupted the Ascensión hospital network.. However, a Cencora spokesperson says there is “no connection” between her incident and attacks on other health care providers.
Emergency Signal (Kurt “CyberGuy” Knutsson)
HOW TO DELETE YOUR PRIVATE INTERNET DATA
Why should you care about the Cencora data breach?
Cencora is a major player in the US healthcare industry. The $250 billion firm is associated with some of the largest pharmaceutical companies, including GlaxoSmithKline, Novartis, Genentech, Bayer, Regeneron and Bristol Myers Squibb. The breach has affected at least 23 pharmaceutical and biotech companies, suggesting a broader impact than initially reported.
If you provided your data to any of these companies, the breach may have exposed you to the web. The number of people affected by the Cencora data breach is expected to be very high. Cencora claims on its website that it has served at least 18 million patients to date, and the breach may have exposed the data of all of these patients.
A data breach may not cause immediate damage, but your data is likely already in the hands of scammers on the dark web. They can use this data to scam, blackmail and harass you. Since the data breach also leaks your address, scammers may try to scam you by mail by asking for personal information or posing as a government authority.
CLICK HERE FOR MORE US NEWS
Doctor showing drugs (Kurt “CyberGuy” Knutsson)
MASSIVE FREE VPN DATA BREACH EXPOSES 360 MILLION RECORDS
The consequences and the response
Cencora completed its investigation into the breach on April 10, 2024. As part of its response, Cencora is offering 24 months of credit monitoring and remediation services to individuals whose information was involved in the incident. There are also indications that a ransom may have been paid to prevent leaked patient data from becoming public.
Also a class action lawsuit was filed against Cencora, alleging that the company failed to adequately protect patient data and delayed notifying affected individuals for nearly three months after discovering the breach.
We reached out to Cencora for comment on this article, but did not receive a response by deadline.
Seven proactive measures to take against cyberattacks on healthcare
If you believe you have been affected by the Cencora data breach, please follow these steps to protect yourself and your personal data.
1. Stay informed: Stay up to date with the latest news from Cencora and other reliable sources to know the status of systems and services.
2. Monitor your accounts and transactions: You should check your online accounts and transactions regularly for any suspicious or unauthorized activity. If you notice anything unusual, report it to the service provider or authorities as soon as possible. You should also review your credit reports and scores for signs of identity theft or fraud.
3. Use identity theft protection: Identity theft protection companies can monitor personal information such as your home title, social security number, phone number, and email address and alert you if it is being used to open an account. They can also help you freeze your bank and credit card accounts to prevent further unauthorized use by criminals. Check out my tips and top picks on how to protect yourself from identity theft.
GET FOX BUSINESS ON THE GO BY CLICKING HERE
4. Change your passwords: Although Cencora says that your personal data, such as phone number and email address, has not been leaked, it is still advisable to change your passwords. Consider using a password manager to generate and store complex passwords.
5. Anti-phishing surveillance: Be very careful with phishing attempts, as cyber attacks often lead to an increase in phishing emails and calls, which attempt to take advantage of the situation. The best way to protect yourself from clicking on malicious links that install malware that can access your private information is to have strong antivirus protection installed on all your devices. This can also alert you to any phishing emails or ransomware scams. Get my picks for the best antivirus protection winners of 2024 for your Windows, Mac, Android, and iOS devices.
6. Be careful with mailbox communications: Bad actors may also try to scam you through snail mail. The data breach gives them access to your address. They may impersonate people or brands you know and use topics that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
7. Invest in data removal services: While no service promises to remove all of your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.
Kurt's Key Takeaways
Cencora and the recent cyber attacks on healthcare institutions suggest that there is a serious flaw in their infrastructure. Criminals should not be able to exploit these systems so easily, especially when they contain crucial information about patients. However, you can be cautious on your part. A data breach cannot be reversed, but you can protect yourself from harm by being vigilant. Do not share your personal information with anyone and avoid clicking on links you do not trust.
CLICK HERE TO GET THE FOX NEWS APP
How do you evaluate the trustworthiness of websites and apps before providing your personal information? Let us know by writing to us at Cyberguy.com/Contact.
For more tech tips and security alerts, sign up for my free CyberGuy Report newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or tell us what stories you'd like us to cover..
Follow Kurt on his social channels:
Answers to the most frequently asked questions about CyberGuy:
Copyright 2024 CyberGuy.com. All rights reserved.
