Cencora has so far notified over a million people around the U.S. that their personal and protected health information was compromised in a data breach earlier this year.
The pharmaceutical giant in May said that a February incident resulted in the compromise of patients’ data, which Cencora obtained through partnerships with drug makers it works with in connection with its patient support programs. Some of those drug makers include AbbVie, Bayer, Pfizer and Regeneron.
Read more…
Source: TechCrunch
Related:
- New Zealand: Second health provider, Canopy Health, hit in major cyber attack
January 12, 2026
Patients caught up in the CanopyHealth data breach are furious that it took the company six months to tell them about it. On Monday, it was revealed the leading private provider doing breast cancer diagnosis and treatment took six months to notify some patients or the public of a major cyber attack on its systems. In ...
- Instagram says there’s been ‘no breach’ despite password reset requests
January 11, 2026
Instagram says that although some users received suspicious-looking password reset requests, it has not been breached. That seemingly contradicts a Friday Bluesky post from antivirus software company Malwarebytes, which shared a screenshot of an email from Instagram informing users of a request to reset their password. The post claimed, “Cybercriminals stole the sensitive information of 17.5 ...
- UK government exempting itself from flagship cyber law inspires little confidence
January 10, 2026
From May’s cyberattack on the Legal Aid Agency to the Foreign Office breach months later, cyber incidents have become increasingly common in UK government. The scale extends far beyond these high-profile cases: the NCSC reports that 40 percent of attacks it managed between September 2020 and August 2021 targeted the public sector, a figure expected to ...
- Illinois health department exposed over 700,000 residents’ personal data for years
January 8, 2026
The health department for the U.S. state of Illinois has confirmed that a years-long security lapse exposed the personal information of more than 700,000 state residents. The Illinois Department of Human Services (IDHS) said in a statement on January 2 that an internal mapping website containing residents’ personal information, which officials used for assisting with the ...
- One million customers on alert as extortion group claims massive Brightspeed data haul
January 7, 2026
US fiber broadband company Brightspeed is investigating claims by the Crimson Collective extortion group that it stole sensitive data belonging to more than 1 million residential customers, including extensive personally identifiable information (PII), as well as account and billing details. Brightspeed is one of the largest fiber broadband providers in the US and serves customers across ...
- Hacktivist deletes white supremacist websites live onstage during hacker conference
January 5, 2026
A hacktivist remotely wiped three white supremacist websites live onstage during their talk at a hacker conference last week, with the sites yet to return online. The pseudonymous hacker, who goes by Martha Root — dressed as Pink Ranger from the Power Rangers — deleted the servers of WhiteDate, WhiteChild, and WhiteDeal in real time ...