Cencora, Inc. and its Lash Group affiliate recently disclosed a data breach involving personal information previously held by CareDx. The breach, which was detected on February 21, 2024, led to unauthorized exfiltration of data from Cencora’s systems. While there is no evidence that the information has been misused or exposed publicly, the breach involved personal data such as names, addresses, dates of birth, Social Security numbers, and diagnostic test information.
Upon discovering the breach, Cencora took immediate steps to contain the situation, involving law enforcement, cybersecurity experts, and legal counsel to investigate the incident. By May 8, 2024, the company confirmed that some personal data might have been compromised. They notified CareDx of the breach on May 22, 2024, to ensure transparency and further investigation.
The investigation revealed that not all data elements were affected for every individual, and there was no evidence of misuse of the information. To address the potential risk, Cencora is offering affected individuals access to Experian IdentityWorksSM credit monitoring and remediation services for 24 months at no cost. This includes credit file alerts and proactive fraud assistance.
Cencora is also working on reinforcing its cybersecurity measures to prevent future incidents. The company remains committed to safeguarding personal information and providing resources to help affected individuals protect themselves against potential identity theft and fraud.
Reference:
