Excerpt from BleepingComputer Article, Published on Feb 27, 2024

Cencora, a prominent pharmaceutical entity formerly known as AmerisourceBergen, revealed that it fell victim to a cyberattack resulting in data theft from its corporate IT systems. With a robust presence in pharmaceutical services, including drug distribution and healthcare solutions, Cencora boasts a staggering $262.2 billion in revenue for fiscal year 2023, employing around 46,000 individuals. The disclosure described the unsettling discovery that Cencora made on February 21, 2024, through a Form 8-K filing with the Securities and Exchange Commission (SEC). According to the filing, the company learned that data from its information systems had been illicitly exfiltrated, potentially compromising personal information.

Swift action ensued as Cencora immediately initiated containment measures upon detecting the unauthorized activity. The company is now collaborating closely with law enforcement agencies, external cybersecurity experts, and legal advisors to conduct a thorough investigation into the breach. Despite the breach, Cencora has yet to ascertain whether the incident will have a substantial impact on its financial standing or operational functions. BleepingComputer requested clarifications regarding the breach and pointed to the company’s statement in the SEC filing. Cencora, however, confirmed that the cyberattack is unrelated to the recent Optum Change Healthcare ransomware attack, which has caused significant disruptions in pharmaceutical billing processes.

While the identity of the perpetrators remains unknown, no ransomware syndicates have claimed responsibility for the breach. Notably, a group named Lorenz purportedly breached Cencora in February 2023, during its tenure as AmerisourceBergen, specifically targeting data associated with the Animal Health division. As investigations continue, stakeholders await further developments regarding the breach’s scope and impact and the measures Cencora will undertake to bolster its cybersecurity posture and safeguard sensitive information in the future.

To delve deeper into this topic, please read the full article in BleepingComputer.