Pharma Giant ExecuPharm Suffers Data Breach/Ransomware Combo
According to major US pharmaceutical firm ExecuPharm, the company was hit by a cyberattack on March 13 in which threat actors attacked the company’s IT systems with ransomware and demanded payment in return for decryption. The pharmaceutical firm stated that their servers were encrypted as a result of the attack and that corporate and employee data was stolen.
ExecuPharm notified the breach to the Office of the Vermont Attorney General, stating that employees also received phishing emails from the attackers. After an investigation, the pharmaceutical firm found that the individuals behind the encryption and phishing emails accessed and potentially shared personal information relating to ExecuPharm employees. Information stolen may include social security numbers, taxpayer IDs, driver’s license numbers, passport numbers, credit card numbers, bank account details, and beneficiary information.