Octapharma Plasma, a major player in the biopharmaceutical industry, has confirmed that an April 2024 cyberattack resulted in a significant data breach, affecting the personal information of thousands of individuals.
The company, which specializes in plasma collection for life-saving treatments, discovered suspicious activity on its IT systems on April 17, 2024. Subsequent investigation revealed that an unauthorized party had acquired sensitive data, triggering an immediate response to contain the breach.
The breach investigation, supported by third-party cybersecurity experts and the FBI, concluded on August 2, 2024. Octapharma disclosed that data from their file-sharing systems had been compromised, potentially impacting the personal information of customers. The exposed data includes sensitive details such as:
- Full names
- Social Security numbers
- Driver’s license numbers
- Financial account numbers
- Health insurance information.
Due to the notification sample being submitted to the authorities in Iowa, it was clarified that 1,423 Iowa residents were impacted by the incident. However, it’s very likely that individuals from other regions were affected. CyberInsider has contacted Octapharma to learn the total number of affected customers, but we have not received a response yet.
Octapharma Plasma operates over 100 collection centers across the United States and is part of the larger Swiss-based Octapharma AG group. The company plays a crucial role in producing plasma-based therapies that are essential for treating patients worldwide.
The cyberattack in April led to a temporary shutdown of all their facilities, significantly disrupting their operations and potentially delaying medical therapies. The company, which has a large U.S. footprint, publicly acknowledged the incident at the time but did not confirm any data breach until now.
In response to the breach, Octapharma says it has taken several steps to mitigate the damage. The company secured its systems, enhanced its technical security safeguards, and offered two years of free credit monitoring and identity protection services to affected individuals through IDX. Additionally, affected individuals were advised to remain vigilant by monitoring their financial accounts and placing fraud alerts or credit freezes to safeguard against identity theft.
For individuals concerned about potential exposure of their personal information, Octapharma has set up a dedicated call center to address any questions. The company is also advising people to review their credit reports and take advantage of the free identity protection services offered.
Quad7 Botnet Develops New Attack Techniques and Infrastructure
Leave a Reply