Major U.S. pharmaceutical firm Cencora has disclosed that more personal and protected health information had been stolen than initially reported during a February cyberattack against a patient support services subsidiary, according to The Record, a news site by cybersecurity firm Recorded Future.
No additional details were provided regarding the additional compromised data, the impact of the incident, or the affected subsidiary. However, Cencora, formerly known as AmerisourceBergen, noted in a filing with the Securities and Exchange Commission that there has been no evidence indicating the exposure of the exfiltrated information. Operations of the company were also unaffected by the incident while individuals whose data had been impacted have already been notified, the filing showed. Such a development comes after Cencora has been suspected to be the Fortune 50 firm reported by Zscaler ThreatLabz to have paid a record-breaking $75 million ransom to the Dark Angels ransomware operation earlier this year. Cencora has neither confirmed nor denied being embroiled in ransomware attack.
