Ransomware Gang Steals Data of over 5.8 Million PharMerica Patients
Ransomware Gang Steals Data of over 5.8 Million PharMerica Patients

Pharmacy services provider PharMerica recently suffered from a major data breach that exposed the medical data of over 5.8 million patients in the US. The breach was by a ransomware gang Money Message illegally accessing PharMerica’s system and stealing sensitive information. The incident raises concerns about the security of online data and the increasing threats cybercriminals pose.

PharMerica’s Data Breach – Money Message

PharMerica operates 180 local and 70,000 backup pharmacies and provides pharmacy services across all 50 US states, catering to a whopping 3,100 medical facilities countrywide. The company recently experienced a data breach that compromised the personal and medical data of over 5.8 million patients.

According to a data breach notification sent to the Office of the Maine Attorney General, the data breach occurred on March 12th, 2023. Hackers stole full names, addresses, dates of birth, social security numbers (SSNs), medications, and health insurance information of more than 5.8 million people in the process.

The company discovered the intrusion on March 14th, 2023. It launched an investigation that concluded on March 21st that client data had been stolen. The data breach notices were sent to affected individuals on May 12th, 2023, which is over two months after the discovery of the data breach.

Money Message Ransomware Attack

Money Message claims the responsibility for the attack on PharMerica on March 28th, 2023, even though PharMerica did not disclose the type of hacking incident. Along with PharMerica, the hackers also targeted BrightSpring- a health service provider acquired by PharMerica in March 2019. According to Money Message, at least 1.6 million unique personal information records was part data theft.

On April 9th, 2023, the hackers published all the stolen data on their extortion site after the timer ran out. Regrettably, the files remain downloadable. To make matters worse, a hacker has uploaded the complete data dump onto a clearnet hacking forum. This is via segmenting it into 13 parts to facilitate downloading.

Data Protection and Prevention

PharMerica offers one year of identity protection fraud monitoring services via Experian. It is to mitigate the risk and impact of malicious attacks on affected individuals. The company urges impacted individuals to take up the offer to ensure their safety and data security. The incident highlights the importance of secure storage systems and the need for proactive measures to prevent such data breaches.


The PharMerica data breach is a serious concern. This becomes dangerous for the security of millions of patients’ personal and medical data. The incident emphasizes the need for increase in vigilance, data protection measures, and collaboration. As new ransomware gangs continue to emerge, it is essential to prioritize data security. It also important to actively combat online threats through effective cybersecurity strategies.