AmerisourceBergen, a major player in the healthcare industry, has confirmed that hackers have infiltrated the IT system of one of its subsidiaries. This was first reported by security researcher Dominic Alvieri, who noticed that the Lorenz ransomware gang had listed AmerisourceBergen and their allegedly stolen data on its extortion site. AmerisourceBergen has stated that the intrusion has been contained and they are currently investigating whether any sensitive data has been compromised. It is believed that the breach happened a few months ago, as the threat actors set the post date to November 1, 2022. Lorenz ransomware operators have been known to exploit critical flaws in Mitel telephony systems to gain access to corporate networks, and then remain dormant until they are ready to use the backdoor for data exfiltration and encryption. Last year, they attacked the multinational defense contractor Hensoldt, resulting in the theft of internal documents.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 08 Feb 2023 15:00:03 +0000