- I tested a Pixel Tablet without any Google apps, and it's more private than even my iPad
- My search for the best MacBook docking station is over. This one can power it all
- This $500 Motorola proves you don't need to spend more on flagship phones
- Finally, budget wireless earbuds that I wouldn't mind putting my AirPods away for
- I replaced my Linux system with this $200 Windows mini PC - and it left me impressed
Cencora Confirms Patient Data Stolen in Cyber-Attack
Pharmaceutical company Cencora has confirmed sensitive personal and health data was exfiltrated in the cyber-attack in February 2024 suffered by the firm.
In an updated filing to the US Securities and Exchange Commission (SEC) on July 31, Cencora said its investigation into the attack revealed that additional data, beyond what was initially identified, had been exfiltrated.
This included personally identifiable (PII) and protected health information (PHI) of individuals, most of which is maintained by a subsidiary company that provides patient support services.
The company said it has notified potentially impacted individuals and will provide any additional required notifications as it continues to review the exfiltrated data.
The filing did not state the number of people impacted by the breach or name the subsidiary firm.
There is currently no evidence that the data has been published or misused by the attackers.
Cencora said it believes it has contained the incident and remediation efforts are ongoing.
“The Company is working with cybersecurity experts to reinforce its systems, strengthen its surveillance of cybersecurity threats and prevent unauthorized occurrences on or conducted through its IT systems,” Cencora added.
The incident has not materially impacted company operations and its information systems remain fully operational.
Healthcare Under Attack
The Cencora breach is one of a vast number of cyber-attacks to target healthcare services in 2024, many of which have had significant impacts on patient care.
The Change Healthcare ransomware attack in February caused delays in prescription and other disruptions to patient care. The incident also exposed the personal data of millions of Americans.
A separate ransomware attack on US private healthcare provider Ascension in May led to ambulances being diverted and patient appointments postponed.
On July 31, US blood donation center OneBlood issued an urgent appeal for blood donation following a ransomware attack. The cyber-attack significantly reduced OneBlood’s capacity to collect, test and distribute blood to hospitals in Southeastern US.
In the UK, a ransomware attack on pathology provider Synnovis in June continues to severely impact NHS hospital services.
Image credit: JHVEPhoto / Shutterstock.com
