May 28, 2024 at 07:03AM
Pharmacy prescription services provider A&A Services, known as Sav-Rx, is notifying 2.8 million individuals of a cyberattack compromising personal information. Though patient care wasn’t disrupted, non-clinical system data was accessed, including names, addresses, email/phone numbers, and Social Security/insurance ID data. The company is not disclosing whether ransomware was used but is offering free credit monitoring and identity theft restoration services.
From the meeting notes, it is clear that Sav-Rx, a pharmacy prescription services provider, has experienced a data breach impacting approximately 2.8 million individuals. The breach occurred on October 8, 2023, and unauthorized access to non-clinical systems resulted in the exfiltration of personal information, including names, addresses, dates of birth, email addresses, phone numbers, Social Security numbers, eligibility data, and insurance identification numbers.
However, it’s worth noting that no clinical or financial information was compromised in the attack, and Sav-Rx has not disclosed whether file-encrypting ransomware was deployed or the identity of the threat actor. The company did mention in its notification letter that a ransom might have been paid to prevent the stolen information from being shared with other cybercriminals.
Sav-Rx is taking steps to address the breach, including providing the affected individuals with two years of free credit monitoring and identity theft restoration services. The company is also encouraging vigilance for any suspicious activity on their accounts.
I will continue to monitor for any updates from Sav-Rx related to this data breach and keep the team informed.