According to a previous 8K filing with the U.S. Securities and Exchange Commission (SEC) on February 21, 2024, Cencora said it “learned that data from its information systems had been exfiltrated, some of which may contain personal information.”
The company initiated containment measures, launched an investigation with third-party cyber forensics, and notified relevant law enforcement agencies. Cencora also disclosed that the cyber attack did not disrupt the company’s computer systems.