On May 17, 2024, Cencora, Inc. filed a notice of data breach with the Attorney General of Massachusetts after learning that a cyberattack targeting the company’s IT network resulted in an unauthorized party being able to access information belonging to individuals taking part in the Bristol Myers Squibb Patient Assistance Foundation (“Bristol Myers Squibb”). In this notice, Cencora explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, addresses, dates of birth, health diagnoses, medications, and prescriptions. Upon completing its investigation, Cencora began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from Cencora, Inc., it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the Cencora / Bristol Myers Squibb data breach. For more information, please see our recent piece on the topic here.
What Caused the Data Breach Affecting Bristol Myers Squibb Customers?
The Bristol Myers Squibb / Cencora data breach was only recently announced, and more information is expected in the near future. However, Cencora’s filing with the Attorney General of Massachusetts provides some important information on what led up to the breach. According to this source, Cencora works with pharmaceutical companies, including Bristol Myers Squibb, to facilitate access to therapies through drug distribution, patient support and services, and other services.
After learning that sensitive consumer data was accessible to an unauthorized party, Cencora reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, address, date of birth, health diagnosis, medications, and prescriptions. Notably, no Bristol Myers Squibb systems were compromised, as all leaked information was obtained from Cencora’s systems.
On May 17, 2024, Cencora sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About Cencora, Inc. & Bristol Myers Squibb
Cencora, Inc., formerly known as AmerisourceBergen, is a drug wholesale company and a contract research organization based out of Conshohocken, Pennsylvania. Cencora provides drug distribution and consulting services related to medical business operations and patient services. The company also distributes brand name and generic medications, healthcare products, and home healthcare supplies to healthcare providers. Cencora also provides pharmaceuticals and pharmacy services to patients in long-term care facilities, patients receiving workers' compensation and patients requiring specialty medications. Cencora employs more than 42,000 people and generates approximately $271 billion in annual revenue.
Bristol Myers Squibb is a pharmaceutical company based out of Princeton, New Jersey. Bristol Myers Squibb manufactures prescription pharmaceuticals and biologics in several therapeutic areas, including cancer, HIV/AIDS, cardiovascular disease, diabetes, hepatitis, rheumatoid arthritis, and psychiatric disorders. Bristol Myers Squibb employs over 34,000 people and generates over $44 billion in annual revenue.
