[Security News] Data breach from Healthcare industry and Transport Agency

Security weekly, security news, CentroMed, Cencora, ATLAS, Transport Agency

May 29, 2024


1. CentroMed suffers second healthcare data breach

An unauthorized party accessed and acquired files pertaining to current and former CentroMed patients, resulting in a healthcare data breach. CentroMed notified 400,000 individuals of a healthcare data breach that occurred in May 2024. CentroMed also suffered a breach in June 2023, which impacted 350,000 individuals at the time. The breach involved patient names, addresses, Social Security numbers, financial account information, health insurance information, diagnosis information, dates of birth and claims data.

Sources: Health IT Security, The Cyber Express, SC Magazine


2. Cencora data breach exposes US patient info from 11 drug companies

Some of the largest drug companies in the world have disclosed data breaches due to a February 2024 cyberattack at Cencora, whom they partner with for pharmaceutical and business services. At the time, the company opted not to share any additional information regarding the incident and its potential impact on its clients. Also, no ransomware groups ever assumed responsibility for the attack. The data breach notices warn that Cencora’s internal investigation, which concluded on April 10, 2024, confirmed that the following information had been exposed: full name, address, health diagnosis, medications, and prescriptions.

Sources: Bleeping Computer, The Register, Reuters



The gang claims to have stolen 730GB of data from ATLAS, including Corporate data: Accounts, HR, Finance, Executive, department data, and users and employees’ data. The gang published a series of documents as proof of the hack, including people’s ID cards, data sheets, payroll payment requesters and a picture of the folder exfiltrated from the victim’s systems.

Sources: Security Affairs, SC Media


4. Transport Agency privacy breach: 1500 motorists’ information illegally accessed

The New Zealand Transport Agency is investigating a privacy breach involving illegal access of information held on driver licence and motor vehicle registers, including full names and addresses, or the status, conditions and endorsements on driver licences. The Transport Agency (NZTA) is contacting 1480 people to tell them their driver licence register or motor vehicle register has been illegally accessed.

Sources: RNZ, Sun Live



Check out Penta Security’s product lines:

Web Application Firewall: WAPPLES

Database Encryption: D’Amo

Identity and Access Management: iSIGN+ 

Car, Energy, Factory, City Solutions: Penta IoT Security

Click here for inquiries regarding the partner system of Penta Security

Check out the product lines of  Cloudbric by Penta Security:

Cloud-based Fully Managed WAAP: Cloudbric WAF+

Agent based Zero Trust Network Access Solution: Cloudbric PAS

Agentless Zero Trust Network Access Solution: Cloudbric RAS

Blockchain: Blockchain Security Solution

Click here for inquiries regarding the partner system of Cloudbric