Millions of PharMerica customers hit in ransomware attack

Large amounts of sensitive data stolen in PharMerica attack

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The Money Messageransomwaregang has struck again, now leaking terabytes of sensitive data belonging to a major pharmacy provider in the United States.

PharMerica recently fileda notificationwith the Office of the Maine Attorney General, noting that it suffered a data breach on March 12, in which sensitive data on almost six million patients were stolen.

The data taken include people’s names, postal addresses, birth dates, Social Security Numbers (SSN), any drugs they used or might be using, and health insurance information.

PharMerica data leak

PharMerica spotted the attack two days later and concluded its investigation a week later on March 21 when it realized the attackers made off with sensitive company data.

It took the organization some three weeks to notify its affected customers, as the emails started going out on May 12, which PharMerica offering victims a year of Experian’sidentity protectionservices.

The company did not initially reveal who was behind the attack, or what the threat actors’ goal was, but in late March 2023, the Money Message ransomware group started publishing the data on its leak site. The group says it stole 4.7 terabytes of data, which included 1.6 million unique pieces of personal data.

Clop ransomware may have infected even more victims than previously thought>Saks Fifth Avenue becomes latest Clop ransomware victim>Check out the best malware protection right now

Subsequent negotiations with the victims obviously broke down, as in early April the group released everything it had taken. BleepingComputer claims the data is still available for download. The entire database can be found on a clearnet (publicly accessible) hacking forum, split into 13 parts.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Money Message started making a name for itself earlier this year, when it was found targeting large organizations with ransomware and demanding huge payouts (1M+). One of its first victims was an Asian airline with almost a billion dollars in annual revenue.

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

I’ve been covering Apple Watch deals for years – This is the one model most people should buy on Black Friday