Cyber Incident Victim: Caremed Specialty Pharmacy

On November 14, 2017, suspicious activity involving an employee email account was identified at CareMed Specialty Pharmacy and its affiliate Onco360, both subsidiaries of PharMerica. The organizations engaged independent computer forensic experts to investigate the incident. By November 30, 2017, forensic analysis confirmed unauthorized access to three employee email accounts. A subsequent review of these compromised accounts continued until January 8, 2018, when investigators determined that a limited number of emails contained protected patient information. The exposed data included demographic details, medication information, clinical treatment records, health insurance data, and Social Security numbers. A very small subset of affected individuals also had financial account information potentially compromised. There was no evidence suggesting misuse of any accessed information at the time of discovery.

CareMed and Onco360 implemented corrective measures immediately after identifying the breach, including resetting email account passwords and enhancing email security protocols. They provided additional employee training on recognizing suspicious emails and reported the incident to law enforcement authorities. Beginning January 12, 2018, all affected patients received notifications about the data exposure. As a precautionary measure, the companies offered complimentary credit monitoring and identity protection services through ID Experts to impacted individuals. Patients were advised to monitor their credit reports and financial statements for unauthorized activity. A dedicated call center (800-761-7902) operated weekdays from 8 a.m. to 8 p.m. EST was established to address patient inquiries, with alternative communication options available through mailed correspondence to the Louisville-based compliance office.