PharMerica Data Breach Investigation

PharMerica Data Breach Investigation

Lowey Dannenberg is investigating claims for violations of the common law and state consumer protection statutes by PharMerica and BrightSpring Health Services, as a result of a data breach involving highly sensitive protected health information, including Social Security numbers, medication lists, and health insurance information.

What Happened and What Information Was Involved:

PharMerica is a national pharmacy services company, serving 3,100 long-term care, senior living, IDD/behavioral health, home infusion, specialty pharmacy, and hospital management programs.

PharMerica recently announced that on March 14, 2023, PharMerica and its parent company, BrightSpring Health Services, Inc. (“BrightSpring”), learned of suspicious activity on their computer network. PharMerica’s investigation determined that an unknown third party accessed PharMerica’s computer systems from March 12-13, 2023, and that certain personal information may have been obtained as a part of the incident. On March 21, 2023, PharMerica identified a data population whose personal and medical information were disclosed, including:

  • Names
  • Dates of birth
  • Social Security numbers
  • Medication lists, and
  • Health insurance information

The Money Message ransomware group has claimed responsibility for this attack. On April 9th, 2023, when the time to pay the ransom expired, the threat actors published the stolen data on their extortion site, which is available to download. Another threat actor also posted the entire data dump on a hacking forum, breaking the dataset into smaller pieces for easier downloading.


If you received a notice letter or email from PharMerica or BrightSpring, wish to participate, learn more, or discuss the issues surrounding the investigation please fill out the contact form below or please contact one of our attorneys at (215) 399-4782, or via email at