Amgen recently notified the Attorney General of California about a data breach involving sensitive personal and protected health information. The breach occurred due to an incident with one of its third-party service providers, Sirva, Inc., which experienced suspicious activity within its network between August 16, 2023, and October 17, 2023. Sirva initiated an investigation upon discovering the suspicious activity, and after completing their review, they concluded that personal data belonging to Amgen could have been accessed by unauthorized individuals. On August 8, 2024, Sirva informed Amgen of the breach, which led to the company sending notifications to affected individuals.
The types of information that may have been compromised in the breach are extensive and include personally identifiable information (PII), financial data, employment details, and medical information. Affected individuals may have had their names, Social Security numbers, dates of birth, gender identification, financial account details, and credit card information exposed. Additionally, some individuals’ medical or health information, including taxpayer identification numbers and passport data, could have been compromised. This breach has raised concerns about the security of sensitive data managed by third-party service providers and highlights the risks associated with outsourcing critical functions.
In response to the breach, Amgen has taken immediate steps to support impacted individuals. The company began mailing out breach notification letters on September 25, 2024, informing those affected about the specific information exposed and offering them complimentary credit monitoring services. This service aims to mitigate potential risks of identity theft and fraud resulting from the breach. Amgen has also provided affected individuals with detailed information about the type of personal data involved, allowing them to better understand the scope of the breach and take appropriate measures to protect themselves.
Amgen, headquartered in Thousand Oaks, California, is a biotechnology research company with a strong global presence. The company, founded in 1980, focuses on developing medicines for various diseases and conditions, including cancer, heart disease, and osteoporosis. It is listed on the Dow Jones Industrial Average® and the Nasdaq-100 Index®, reflecting its significant position in the biotechnology and pharmaceutical industries. The breach involving Sirva has raised awareness about the importance of securing third-party relationships, especially those handling sensitive personal and health information.
Reference:
