Sav-Rx Exposes Critical Data Breach Affecting 2.8 Million Americans: Urgent Safety Alert

Did you know that over 2.8 million people in the United States were affected by a data breach at prescription management company Sav-Rx? Their personal data was stolen in a 2023 cyberattack, and we want to make sure you’re aware of this situation and how to protect yourself.

What happened at Sav-Rx?

Sav-Rx, a pharmacy benefit management (PBM) company, provides prescription drug management services to employers, unions, and other organizations across the U.S. In October 2023, they experienced a cybersecurity incident that exposed the data of 2,812,336 people. They notified the Maine Attorney General’s office of the breach, and have since been working to investigate and rectify the situation.

How did Sav-Rx respond?

Upon discovering the breach, Sav-Rx immediately took steps to secure their systems and engaged third-party cybersecurity experts. Their IT systems were restored the next business day, and they were able to ship prescriptions on time without delay. Their investigation, however, took almost eight months to complete with the help of third-party experts. The hackers first accessed customer data on October 3, 2023, and the breach exposed sensitive information like names, dates of birth, Social Security Numbers, email addresses, and insurance identification numbers.

Why did it take so long for Sav-Rx to notify customers?

Sav-Rx explains that they prioritized minimizing interruption to patient care before launching an investigation on the impact of the incident. They also wanted to be as accurate as possible in their findings, so they didn’t rush the investigation. Health plan customers (impacted organizations) were notified between April 30 and May 2, 2024, and Sav-Rx then reached an agreement with its business customers to notify impacted individuals. Letters were circulated late last week.

What should you do if you think you’re affected?

If you believe you might be affected by the Sav-Rx data breach, call 888-326-0815 to confirm. In some cases, the company didn’t have sufficient contact information to notify individuals, so it’s essential to reach out if you’re unsure. Though there’s currently no evidence that the stolen information has been misused or disseminated on the dark web, Sav-Rx is offering two-year credit monitoring and identity theft protection services to those affected.

How can you protect yourself from future breaches?

It’s essential to monitor your credit reports for fraudulent activity, as the stolen data contains sensitive information that can be used for identity theft. In response to this incident, Sav-Rx has implemented new security measures, including a 24/7 security operations center, multi-factor authentication, network segmentation, enhanced geo-blocking, upgraded firewalls and switches, strengthened Linux security, and BitLocker encryption.

Stay informed and protected with us

We at IT Services understand the importance of keeping your personal information safe and secure. That’s why we’re committed to providing you with the latest updates and information on cybersecurity incidents like the Sav-Rx data breach. Stay informed and protect yourself by contacting us and keeping up with our latest articles on cybersecurity. We’re here to help!