CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Data Breaches·Ransomware

2.8 Million Impacted by Data Breach at Prescription Services Firm Sav-Rx

Pharmacy prescription services provider Sav-Rx says the personal information of 2.8 million was stolen in a cyberattack. The post 2.8 Million Impacted by Data Breach at Prescription Services Firm Sav-Rx appeared first on SecurityWeek.

Pharmacy prescription services provider A&A Services, which operates as Sav-Rx, is notifying roughly 2.8 million individuals that their personal information was compromised in a cyberattack.

The incident, the organization said, occurred on October 8, 2023, when it identified an interruption to its computer network, and was immediately contained, with the impacted systems restored the next business day.

“The disruption to our IT systems did not result in any material disruption to patient care. Prescriptions were shipped on time and without delay. Our adjudication system was not affected so network pharmacy claims adjudicated continuously without impact or delay,” Sav-Rx said.

According to the company, however, the attackers accessed non-clinical systems containing personal information and exfiltrated data from them.

The compromised information includes names, addresses, dates of birth, email addresses, phone numbers, Social Security numbers, eligibility data, and insurance identification numbers. No clinical or financial information was compromised in the attack.

The company informed the Maine Attorney General’s office that 2,812,336 individuals were impacted by the data breach.

What Sav-Rx did not say, however, was whether file-encrypting ransomware was deployed during the attack.

The company did not share information on the threat actor responsible for the incident either, but the notification letter suggests that a ransom was paid out to ensure that the stolen information is not shared with other cybercriminals.

“Once we identified the interruption, we took immediate action to investigate, and we worked in conjunction with outside cybersecurity experts to contain the incident and confirm any data acquired from our IT System was destroyed and not further disseminated,” the notification letter reads.

SecurityWeek has emailed Sav-Rx for additional information on the data breach and will update this article as soon as a reply arrives.

The company is providing the affected individuals with two years of free credit monitoring and identity theft restoration services and encourages them to remain vigilant for any suspicious activity on their accounts.

Sav-Rx is a pharmacy benefit manager (PBM) firm that administers prescription drug programs on behalf of various health plans and organizations in the US.

Related: 400,000 Impacted by CentroMed Data Breach

Related: 2.4 Million Impacted by WebTPA Data Breach

Related: MediSecure Data Breach Impacts Patient and Healthcare Provider Information

Latest News

CYBERNEWSMEDIAPublisher