PharMerica Hacked – Over 5 million Patients record stolen

Reports indicate that PharMerica Healthcare has faced a data breach resulting in 5.8 million records being exposed.

PharMerica is one of the Fortune 1000 companies that provide Pharmacy management services to customers worldwide. It has a revenue of $2.1B annually, with around 5000 employees working worldwide.

According to the data breach report, PharMerica Corporation, located in Kentucky, US, was attacked by threat actors and has stolen patients’ sensitive information.

The Attorney General’s Office’s report suggests that the breach happened on 12th March and was discovered on 21st March.

On March 28th, 2023, the Money Message ransomware group claimed responsibility for this data breach and threatened to leak the data to the public if the company refused to meet its demands.

Money Message claiming responsibility for the breach

According to the Money Message ransomware group, nearly 4.7TB of data was stolen that includes Social Security Numbers (SSNs), health information, and medical records of victims, which were published on the Clearnet hacking forum when the threat actors’ deadline for the ransom expired.

Data Leaked by Threat actors on April 9th 2023

The Data breach notification by PharMerica stated, “While we have no reason to believe that anyone’s information has been misused for the purpose of committing fraud or identity theft, we are writing in accordance with relevant law to advise you about the incident and to provide you with guidance on what you can do to protect the above-referenced individual, should you feel it is appropriate to do so.”

The investigation is still ongoing for this data breach, and PharMerica stated that they are working with cybersecurity experts to resolve this issue.

It is high time for organizations to make a note of these ransomware groups and take necessary measures to prevent these kinds of data breaches in the future.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

Gurubaran is a Security Consultant, Security Editor & Co-Founder of Cyber Security News & GBHackers On Security.