PharMerica, one of the largest pharmacy service providers in the US, has revealed its IT systems were breached – and it’s feared the intruders stole personal and healthcare data belonging to more than 5.8 million past customers
The cyber heist happened around March 12, when “an unknown third party” gained access to computer systems and may well have grabbed patients’ info including names, dates of birth, Social Security numbers, medication lists and health insurance information, according to a notice on PharMerica’s website.
A sample breach notification letter [PDF] submitted to the Maine Attorney General is addressed to “Administrator/Executor of the Estate of” – meaning at least some of the sensitive information stolen in the breach belonged to people who are dead. This, of course, won’t stop cyber criminals from stealing their identities and using their names and personal identifiers to commit fraud.
PharMerica, which operates more than 180 long-term care and specialty pharmacies in 50 states, said it and parent company BrightSpring Health Services first spotted the suspicious network activity on March 14.