PharMerica is a nationwide health services company that works with pharmacies and private medical practices. With approximately 2,500 health facilities and 3,100 pharmacies under its umbrella, this company handles data for a huge number of patients. The company got hit by a major data breach and lost a significant amount of data as a result.
The hacker gang known as Money Message broke into the data network owned by PharMerica and took a huge number of files from the network. This ransomware gang likely demanded payment from the medical services company to get the files back and to keep from spreading them around the internet, but there is no way of knowing whether the company decided to pay the ransom or not.
It wasn't until March 14, 2023, that the company knew anything about the data breach. The actual breach went on from March 12 until March 13, 2023. During those two days, as much as 4.7 million terabytes of data were taken, making this the largest data breach, including HIPAA data, to take place in 2023 so far.
Millions of medical patients from all over the country were impacted by this data breach. Anyone put at risk by the breach will be informed by an individual notice sent to them. If you receive a letter from PharMerica, you have access to 12 months of complimentary identity theft protection services to rely on.
There isn't a record of the PharMerica documents taken based on the file count. We know that more than 4.7 million terabytes of data were taken, meaning that a massive number of documents, database entries, and more were taken in this breach, affecting millions of patients around the US.