A month after news came out about PharMerica cyber attack, the US-based healthcare organization has started alerting its customers that their data could be at risk.
Consumer rights law firm Wolf Haldenstein Adler Freeman & Herz is investigating claims on behalf of customers of PharMerica Corporation.
According to a disclosure filed at the Office of the Maine Attorney General, the breach has compromised the personal information of approximately 5,815,591 individuals, including 35,068 residents of Maine.
The Money Message ransomware group added PharMerica to its list of victims on March 28. The company has disclosed that it became aware of the cyber attack on March 14.
PharMerica cyber attack explained
The PharMerica cyber attack, which occurred on March 12, 2023, was discovered on March 14, prompting immediate action, said a company letter sent on May 15.
The company launched an internal investigation and engaged cybersecurity advisors to assess the extent of the breach and secure their computer systems.
It was determined that an unknown third party had gained unauthorized access to PharMerica’s network between March 12 and March 13, potentially obtaining the personal information of affected individuals.
“On March 14, 2023, we learned of suspicious activity on our computer network. Upon discovering the cybersecurity incident, we promptly began an internal investigation and engaged cybersecurity advisors to investigate and secure our computer systems,” read the notice sent to the affected Maine residents.
“The investigation determined that an unknown third party accessed our computer systems from March 12-13, 2023, and that certain personal information may have been obtained from our systems as a part of the incident.”
The compromised data included sensitive details such as names, addresses, dates of birth, Social Security numbers, medications, and health insurance information.
PharMerica, in compliance with relevant laws, promptly initiated the process of notifying affected individuals about the breach. Written notifications were sent out on May 12, 2023, to inform them of the incident and guide them on safeguarding their personal information.
While no evidence suggests that the accessed information has been misused for fraudulent purposes or identity theft, PharMerica is taking the necessary precautions to ensure the security of affected individuals.
The company has undertaken comprehensive reviews of its data to identify the scope of the PharMerica cyber attack and has implemented enhanced technical security measures to prevent similar incidents.
PharMerica cyber attack and healthcare issues
PharMerica cyber attack is the latest entry in the long list of ransowmare attacks on healthcare sector. Since the last few years, cyber attacks on the healthcare sector have increased immensely. The PharMerica cyber attack is just one of the attacks we saw in 2023.
A joint alert by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) warned against paying ransom in the event of an attack.
“CISA, FBI and HHS do not recommend paying ransoms. Payment does not guarantee files will be recovered. It may also embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or fund illicit activities.”
These agencies have identified a significant and immediate threat of cybercrime targeting hospitals and healthcare providers, including the healthcare and public health (HPH) sector.
The primary goal of these attacks is financial gain through ransomware infections such as Ryuk and Conti, facilitated by malware like TrickBot and BazarLoader.
Considering the ongoing challenges posed by the COVID-19 pandemic, healthcare organizations must prioritize cybersecurity measures to protect their networks and ensure uninterrupted healthcare services. CISA, FBI, and HHS strongly advise healthcare providers to remain vigilant and implement timely and reasonable precautions to mitigate the risks associated with these threats.
PharMerica is currently addressing the repercussions of the PharMerica cyber attack. By taking swift action and notifying affected individuals, the company aims to assist them in safeguarding their personal information and reducing the likelihood of any potential misuse.
“Focus on awareness and training. Because end users are targeted, make employees and stakeholders aware of the threats—such as ransomware and phishing scams—and how they are delivered,” said the joint advisory.
“Additionally, provide users training on information security principles and techniques as well as overall emerging cybersecurity risks and vulnerabilities.”