December 3, 2023

PharMerica, a pharma service provider, has been hit by a ransomware attack, with data from 5.8 million patients stolen and published online.

According to the breach notice, the breach occurred on March 12 and was not discovered until March 21. Although the company did not disclose the exact form of the attack, it is described in the breach notice as an external system breach.

The information stolen included names, addresses, Social Security numbers, medication details, and health insurance information. The ransomware group behind the attack has already published the stolen data.


Money Message ransomware gang claimed responsibility for the attack on March 28. The group also claims to have breached BrightSpring, a health service provider that merged with PharMerica in 2019. After a ransom payment was not forthcoming by April 9, the cut-off date for payment, the group dumped all the stolen records on a hacking site.

The Money Message ransomware gang is a new group that was first detected in March. The group first came to prominence after claiming responsibility for an attack on Taiwanese hardware manufacturer Micro-Star International in April.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: