The Cencora data breach resulted in unauthorized access and theft of data from its corporate IT systems. Formerly identified as AmerisourceBergen, Cencora plays a key role in the pharmaceutical industry by providing drug distribution and healthcare solutions to doctor’s offices, pharmacies, and animal health services.
What’s the extent of the Cencora data breach?
The company, which reported a revenue of $262.2 billion for the fiscal year 2023 and employs roughly 46,000 staff, disclosed this security breach in a Form 8-K filing with the SEC, highlighting the significant cybersecurity challenge it faced.
“On February 21, 2024, Cencora, Inc. (the “Company”), learned that data from its information systems had been exfiltrated, some of which may contain personal information,” states the SEC filing.
The company says that the Cencora data breach has been contained, and efforts are currently underway in collaboration with law enforcement, external cybersecurity specialists, and legal advisors to thoroughly investigate the breach. Following the initial detection of unauthorized access, the company promptly implemented containment measures and launched a comprehensive investigation with the support of external experts.
As of now, Cencora has yet to ascertain whether this security breach will have a significant financial or operational impact on their business. Nevertheless, they have clarified that this cyberattack is distinct from the Optum Change Healthcare cyber attack, which resulted in widespread disruptions in pharmaceutical billing services.
“We have no reason to believe there is a connection between the incident at Change and the unauthorized activity at Cencora,” the company told to BleepingComputer.
Currently, details regarding the identity of the perpetrators behind the Cencora data breach remain undisclosed, with no ransomware groups coming forward to claim responsibility.
Interestingly, a ransomware collective known as Lorenz had previously alleged an infiltration of Cencora (then AmerisourceBergen) in February 2023, purporting to have exfiltrated data specifically from the company’s Animal Health division.
What happens if personal data is leaked?
When personal data is leaked in such cases as the Cencora data breach, it can lead to a range of adverse consequences for both the individuals affected and the entity responsible for safeguarding the data. Here are some potential outcomes and impacts of a personal data leak:
For individuals:
- Identity theft: Malicious actors can use personal information such as Social Security numbers, addresses, and birthdates to steal identities, open fraudulent accounts, or apply for credit in the victim’s name.
- Financial loss: Bank account details or credit card information can be used to make unauthorized transactions, leading to financial loss for the individual.
- Privacy invasion: Sensitive personal information, when exposed, can lead to privacy invasion, with individuals potentially experiencing harassment or blackmail.
- Reputational damage: The leak of personal data, especially sensitive information like medical records or private communications, can damage an individual’s reputation.
- Psychological stress: Being a victim of a data breach like the Cencora data breach can lead to anxiety, stress, and a feeling of vulnerability or violation.
For organizations:
- Legal repercussions: Companies may face lawsuits, fines, and penalties for failing to protect consumer data, especially in jurisdictions with strict data protection laws like the GDPR in the European Union.
- Financial costs: Beyond potential fines, organizations may incur significant expenses in addressing the breach, including investigation costs, measures to mitigate the breach’s impact, and compensations for affected individuals.
- Loss of trust: A data breach can erode consumer trust and loyalty, which can be difficult and costly to rebuild. Customers might choose to take their business elsewhere.
- Reputational damage: The public perception of a company can be severely damaged by a data breach, affecting its brand and long-term profitability.
- Operational disruptions: Responding to a data breach can divert resources from normal business operations, leading to disruptions and loss of productivity.
What to do with a data breach?
When incidents such as Cencsora data breach happen, immediate action is crucial.
- First, contain the breach to prevent further data loss by securing your systems and identifying the breach’s source.
- Notify affected individuals and relevant authorities as required by law, providing details about what was compromised and advice on protective measures.
- Assess the situation by conducting a thorough investigation with cybersecurity experts to understand the breach’s scope and cause.
- Strengthen your security posture to prevent future incidents by updating security protocols and training employees on data protection.
- Lastly, maintain transparent communication with all stakeholders throughout the process to rebuild trust and demonstrate commitment to security.
Image credits: Kerem Gülen/Midjourney