Pharma giant hit by major cyberattack — Cencora confirms data was stolen

News
By published

Cencora confirms hackers making away with sensitive data

Data leak
(Image credit: Shutterstock/dalebor)

Cencora has confirmed suffering a data breach earlier this month which resulted in the theft of sensitive, personal data.

Cencora is a drug wholesale company and a contract research firm that was previously known as Amerisource Bergen. It was formed in 2001, after the merger of Bergen Brunswig and AmeriSource.

As picked up by BleepingComputer, the company filed an 8-K form with the Securities and Exchange Commission (SEC), in which it listed a few details about the attack.

Reader Offer: Save 61% on NordPass for Business

Reader Offer: Save 61% on NordPass for Business
NordPass provides an easy-to-use and highly secure solution that most businesses will love, according to Techradar editors. Plans start at less than $1.79 per user per month - plus get 3 months extra.

Preferred partner (What does this mean?) 

View Deal

No business disruptions

“On February 21, 2024, Cencora learned that data from its information systems had been exfiltrated, some of which may contain personal information,” the filing reads.

“Upon initial detection of the unauthorized activity, the Company immediately took containment steps and commenced an investigation with the assistance of law enforcement, cybersecurity experts and external counsel.”

The filing further goes to state that the incident has so far had no material impact on Cencora’s operations, and that its IT systems “continue to be operational”. While it’s not explicitly stated, this would suggest that this was not a ransomware attack, but rather “just” information stealing.

“The Company has not yet determined whether the incident is reasonably likely to materially impact the Company’s financial condition or results of operations,” Cencora concluded in the filing. Last year, Cencora counted some 46,000 employees and brought in $262.2 billion in revenue.

Right now, the company isn’t sharing further details with the media, and is pointing them towards the SEC filing. Therefore, we don’t know if the threat actors reached out to Cencora after the incident with potential ransom demands, who the attackers are, or how they infiltrated the company infrastructure.

In a short statement to BleepingComputer, Cencora confirmed that this attack is in no way connected to the Change Healthcare ransomware attack that happened earlier this month.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
ransomware avast
The biggest addiction treatment provider in the US says it was hit by data breach
security
Ransomware gangs allegedly hit two major US healthcare firms, 300,000 patients have data stolen
ID theft
Over a million patients potentially hit after another US healthcare provider hit by cyberattack
Lock on Laptop Screen
United Healthcare data breach may have affected 190 million Americans
healthcare
Over a million clinical records exposed in data breach
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
59 organizations reportedly victim to breaches caused by Cleo software bug
Latest in Security
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Veeam urges users to patch security issues which could allow backup hacks
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Representational image depecting cybersecurity protection
Cisco smart licensing system sees critical security flaws exploited
Latest in News
Ray-Ban Meta Smart Glasses
Samsung's rumored smart specs may be launching before the end of 2025
Apple iPhone 16 Review
The latest iPhone 18 leak hints at a major chipset upgrade for all four models
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 24 (game #1155)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 24 (game #386)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 24 (game #652)
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 23 (game #1154)
More about security
Hacker silhouette working on a laptop with North Korean flag on the background

North Korea unveils new military unit targeting AI attacks

Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)

This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
ClinkCaim laptop

Laptop prototype with detachable AI webcam (but without a normal touchpad) wins award at the 'Oscars' of the design industry
See more latest
Most Popular
ClinkCaim laptop
Laptop prototype with detachable AI webcam (but without a normal touchpad) wins award at the 'Oscars' of the design industry
Compal Infinite Laptop
This laptop has a horizontal rollable display that extends to 18 inches, and I can't wait to try it
Silicon Motion MonTian 128TB SSD
More 128TB SSDs on the way, but they won't be cheaper: Key maker of NAND flash controllers says 128TB SSDs are shipping
Toshiba HDD Innovation Lab
How to make hard drives faster? Simple, just bunch dozens of them together, Toshiba says
Asus Ascent GX10
Asus debuts its own mini AI supercomputer: Ascent GX10 costs $2999 and comes with Nvidia's GB10 Grace Blackwell Superchip
Ray-Ban Meta Smart Glasses
Samsung's rumored smart specs may be launching before the end of 2025
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 24 (game #1155)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 24 (game #652)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 24 (game #386)
Apple iPhone 16 Review
The latest iPhone 18 leak hints at a major chipset upgrade for all four models