IBM has announced a data breach of Janssen’s CarePath platform and has started informing affected customers.

The Janssen CarePath portal provides patients and healthcare professionals in the US with information regarding insurance coverage, out-of-pocket costs, and prescribing information at no cost to the users.

The number of highest grossing Janssen drugs are included in the platform such as Darzalex (daratumumab) and Stelara (ustekinumab) which generated $2.5bn and $3.2bn in US sales in H1 2023, respectively, as per the company’s Q2 2023 financial report.

Data breaches at the top pharma companies are nothing new, as companies such as Merck & Co (MSD), Roche, and AstraZeneca have all been hacked in the past. Data breaches cost the companies an average of $5m to remediate, as per IBM’s 2020 data breach report.

The Janssen CarePath systems provider, IBM, indicated that the stolen data may have contained information provided as part of the Janssen CarePath application, including individual names, contact information, date of birth, health insurance information, and information on an individual’s health conditions and medications.

Although IBM has identified that a data breach occurred on 2 August, the company is unsure of the extent of information that was accessed.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

IBM was quick to note that no financial information or social security numbers have been affected, as it was not part of the database, and no information misuse has been reported. However, the companies have offered the affected customers a complimentary one-year credit monitoring service.

IBM noted the data breach as part of its investigation into a potential backdoor access to the system. After Janssen notified IBM of the issue, the latter remediated the issue and started its investigation into whether any unauthorised access to the CarePath system occurred.

Recent data breaches in the pharmaceutical sector include a ransomware attack on Eisai in June, due to which several of the company’s systems had to be taken offline. Eisai and Biogen’s antibody therapy, Leqembi (lecanemab-irmb), for Alzheimer’s was approved by the US Food and Drug Administration in January.