Massive Data Breach at PharMerica Corporation Exposes Millions of Patients’ Personal Information

• PharMerica Corporation, a Kentucky-based healthcare entity, has suffered a massive data breach affecting approximately 5.8 million individuals. Compromised data includes names, addresses, dates of birth, social security numbers, medications, and health insurance details.
• In response to the breach, PharMerica has initiated stringent security enhancements to their systems and is urging all affected individuals to monitor their credit reports closely for any signs of suspicious or fraudulent activity.

LOUISVILLE, KENTUCKY – A massive data breach has hit PharMerica Corporation, a Louisville-based healthcare entity, impacting a staggering 5,815,591 individuals. The breach, which occurred on March 12, 2023, was detected on March 21, 2023, marking a significant lapse in the company’s cybersecurity.

The breach was the result of an external system hack, which compromised sensitive personal information of patients, including names, addresses, dates of birth, social security numbers, medications, and health insurance details. The alarming number of affected individuals and the nature of the compromised data put this breach among one of the most significant in recent times.

PharMerica Corporation learned of suspicious activity on its computer network on March 14, 2023, and immediately launched an internal investigation. Additionally, cybersecurity advisors were engaged to ascertain the extent of the breach and secure the compromised systems.

The investigation revealed that an unknown third party had accessed the company’s computer systems between March 12-13, 2023, potentially obtaining sensitive patient information in the process. The firm has been conducting a comprehensive review of the potentially affected data to identify the individuals affected.

PharMerica, in a notification letter, stated, “While we have no reason to believe that anyone’s information has been misused for the purpose of committing fraud or identity theft, we are writing in accordance with relevant law to advise you about the incident.”

In response to the breach, PharMerica has enhanced its technical security measures to prevent similar incidents in the future. The company is urging all affected individuals to monitor their credit reports for suspicious activity and is providing guidelines for placing requests with national credit reporting agencies to flag potential fraudulent activity.

Shareholder Michael Waters, who also serves as the attorney for the company, submitted the breach notification. He emphasized PharMerica’s commitment to privacy, stating, “PharMerica values and respects the privacy of your information, which is why we are writing to advise you of an incident that may have involved some of the above-referenced individual’s personal information.”

PharMerica Corporation is a leading provider of pharmacy services in the United States. It serves a wide range of healthcare facilities including skilled nursing centers, assisted living communities, hospitals, and other long-term care facilities. The company specializes in offering comprehensive pharmaceutical services such as medication management, emergency services, consulting, and resident medication reviews. PharMerica operates numerous institutional pharmacies nationwide and is dedicated to providing exceptional service, ensuring that healthcare facilities and their patients receive optimal therapeutic outcomes.