Ransomware Attack Exposes 5.8 Million Pharmaceutical Records of PharMerica Corporation

A breach notification was filed with the Maine Attorney General’s Office for the first time, revealing data theft. The breach was discovered on March 21st, however, had taken place 11 days prior, on March 12th. During a ransomware attack last week, 5.8 million patient records from PharMerica Corp. were stolen and published online.

The first indication of data theft was provided in a breach notice filed with the Maine Attorney General’s Office. This breach was discovered on March 21st after occurring on March 12th. PharmaMerica Corp., a Fortune 1000 company and pharmacy services provider, has been attacked by ransomware. This has resulted in the theft and publication of healthcare data from 5.8 million patients. Even though the company did not disclose the exact nature of the attack, it is described as an “external system breach (hacking)” in the breach notification.

PharMerica has stated the data breach occurred on March 12th, contrary to the breach notice, which indicates a discovery date of March 21st. Personal details, including names, addresses, date of birth, social security numbers, medications, and health insurance details, were stolen.

According to the breach notification letter, there has been no evidence of fraud or identity theft using personal information. However, that may not have been the best of intentions, given that the ransomware group responsible for the attack has already made the stolen information public.

As reported today by Bleeping Computer, the ransomware gang Money Message took responsibility for the attack on March 12th. According to the group, they breached BrightSpring, a healthcare provider that merged with PharMerica in 2019. The hacker group abandoned all stolen records on a hacking website after failing to secure a ransom payment by April 9th, the deadline for payment.

A new ransomware gang known as Money Message has been detected since March. After claiming responsibility for the attack, this group attacked Taiwanese hardware manufacturer Micro-Star International Co Ltd in April.

“This is a devastating data breach both in terms of size and the severity of what was leaked,” said Comparitech consumer privacy advocate Paul Bischoff. “ Social Security and health insurance information poses the most immediate threat. They could be used for identity theft and medical benefits fraud.”

He explained that identity thieves might attempt to obtain credit in the name of the deceased, “who obviously aren’t going to check their credit reports. That puts the onus of responsibility on relatives, who could be on the hook for the deceased’s debts. I suspect this attack disproportionately affects the elderly as well, who are frequently targeted by fraud.”

Suggested Read:

THE NAIVAS DATA BREACH | A WAKE-UP CALL FOR FIRMS TO FOLLOW PRIVACY LAWS