Security Affairs
U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Pharmaceutical giant Cencora discloses a data breach

Pharmaceutical giant Cencora suffered a cyber attack and threat actors stole data from its infrastructure. Pharmaceutical giant Cencora disclosed a data breach after it was the victim of a cyberattack. Cencora, Inc., formerly known as AmerisourceBergen, is an American drug wholesale company and a contract research organization that was formed by the merger of Bergen Brunswig and AmeriSource in 2001. […]

Signature Healthcare

Pharmaceutical giant Cencora suffered a cyber attack and threat actors stole data from its infrastructure.

Pharmaceutical giant Cencora disclosed a data breach after it was the victim of a cyberattack.

Cencora, Inc., formerly known as AmerisourceBergen, is an American drug wholesale company and a contract research organization that was formed by the merger of Bergen Brunswig and AmeriSource in 2001. The Company had $238.6 billion in revenue for fiscal year 2022 and had approximately 44,000 employees.

The company discovered the security breach on February 21 and immediately launched an investigation into the incident.

“On February 21, 2024, Cencora, Inc. (the “Company”), learned that data from its information systems had been exfiltrated, some of which may contain personal information. Upon initial detection of the unauthorized activity, the Company immediately took containment steps and commenced an investigation with the assistance of law enforcement, cybersecurity experts and external counsel.” Form 8-K filing with the Securities and Exchange Commission (SEC). “As of the date of this filing, the incident has not had a material impact on the Company’s operations, and its information systems continue to be operational. The Company has not yet determined whether the incident is reasonably likely to materially impact the Company’s financial condition or results of operations.”

In the Form 8-K filing with the SEC, Cencora said that the cyberattack had no material impact on the Company’s operations.

The company did not provide details about the attack, it’s unclear if Cencora was hit by a ransomware attack.

Organizations in the healthcare sector are at risk of cyberattacks, a cybersecurity alert published by the FBI, CISA, and the Department of Health and Human Services (HHS) warned U.S. healthcare organizations of targeted attacks conducted by ALPHV/Blackcat ransomware attacks.

In a recent ALPHV/Blackcat ransomware attack, the group hit the UnitedHealth Group subsidiary Optum leading to an outage impacting the Change Healthcare payment exchange platform.

Optum Solutions is a subsidiary of UnitedHealth Group, a leading health insurance company in the United States. Optum Solutions operates the Change Healthcare platform, which serves as a critical payment exchange platform for the US healthcare system.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, healthcare sector)