U.S. drug wholesaler Cencora Inc (NYSE: COR), formerly AmerisourceBergen, is notifying affected individuals about their personal and highly sensitive medical information stolen during a cyberattack earlier this year.
The healthcare giant revealed that the breached data includes patient names, postal addresses, dates of birth, health diagnoses, and medication details.
In letters this week, TechCrunch reported that Cencora had obtained patients' data through partnerships with other drug makers as part of its patient support programs.
These partnerships include pharmaceutical companies such as AbbVie Inc (NYSE: ABBV), Acadia Pharmaceuticals Inc (NASDAQ: ACAD), Bayer AG (OTC: BAYZF), Novartis AG (NYSE: NVS), and Regeneron Pharmaceuticals Inc (NASDAQ: REGN), among others.
The nature of the cyberattack, which began on February 21, has not been disclosed.
After filing a notice with government regulators, Cencora publicly acknowledged the breach on February 27.
Despite the disclosure, the company has not revealed how many individuals were affected or how many have been notified to date.
Mike Iorfino, a spokesperson for Cencora, confirmed these details in an email to TechCrunch.
This incident is the latest in a series of cyberattacks targeting the U.S. healthcare sector. Recently, UnitedHealth Group Inc (NYSE: UNH)-owned Change Healthcare and Ascension's hospital network experienced significant breaches and operational disruptions.
However, Cencora maintains "no connection" between its incident and those affecting Change Healthcare and Ascension.
As a major distributor, Cencora handles around 20% of pharmaceuticals sold and distributed in the United States.
Price Action: COR shares are down 0.41% at $217.70 at the last check on Friday.