Cambrex Corporation, a leading global contract development and manufacturing organization, has reported a significant data breach. This New Jersey-based company, founded in 1981, provides comprehensive drug development and manufacturing services. The breach, discovered on November 8, 2023, potentially exposed sensitive personal identifiable information (PII) and protected health information (PHI) of over 2,000 individuals. Information at risk includes names, Social Security numbers, driver’s license details, financial account information, and medical records.
The company conducted a thorough investigation and determined that an unauthorized actor accessed this sensitive information. Cambrex began notifying the affected individuals on May 20, 2024, ensuring transparency and prompt action in response to the breach. Cambrex has been proactive in addressing the situation, offering support and resources to those impacted. The breach highlights the critical importance of robust cybersecurity measures and the potential consequences of cyber attacks on personal data.
The breach notification, filed by William Ridgway, counsel for Cambrex from Skadden, Arps, Slate, Meagher & Flom LLP, detailed the nature and scope of the breach. The report confirms that 2,053 individuals, including two Maine residents, were affected. While the company has taken steps to mitigate the damage, the incident underscores the ongoing challenges faced by organizations in safeguarding sensitive information against cyber threats. Cambrex continues to work with cybersecurity experts to enhance their security protocols and prevent future incidents.
