Pharmaceutical giant Cencora says data was stolen in a cyberattack

Cencora, previously known as AmerisourceBergen, specializes in pharmaceutical services, providing drug distribution and solutions for doctor's offices, pharmacies, and animal healthcare. 

The Company had $262.2 billion in revenue for fiscal year 2023 and employs approximately 46,000 people.

In a Form 8-K filing with the SEC, Cencora disclosed they suffered a cyberattack that led to data theft.

"On February 21, 2024, Cencora, Inc. (the "Company"), learned that data from its information systems had been exfiltrated, some of which may contain personal information," reads the SEC filing.

Cencora says they contained the incident and are now working with law enforcement, external cybersecurity experts, and external counsel to investigate it.

Upon initial detection of the unauthorized activity, the company immediately took containment steps and commenced an investigation with the assistance of law enforcement, cybersecurity experts, and external counsel.

Cencora says they have not determined if the incident will materially impact their finances or operations.

When BleepingComputer contacted Cencora to learn more about the incident, they referred us to the statement in the SEC filing.

However, they confirmed that their cyberattack is unrelated to the Optum Change Healthcare ransomware attack that has led to significant outages in pharmaceutical billing.

"We have no reason to believe there is a connection between the incident at Change and the unauthorized activity at Cencora," Cencora told BleepingComputer in a statement.

At this time, there is no further information on who breached Cencora and no ransomware gangs have taken responsibility.

A ransomware group known as Lorenz previously claimed to have breached Cencora in February 2023 while the company was operating as AmerisourceBergen, stating that they stole data related to the Animal Health division.

Source: bleepingcomputer.com