Janssen’s patient programme becomes latest victim of data breach

Patient information on the Janssen CarePath was accessed, but the true extent of the breach is still unknown.

Phalguni Deswal September 07 2023

IBM has announced a data breach of Janssen’s CarePath platform and has started informing affected customers.

The Janssen CarePath portal provides patients and healthcare professionals in the US with information regarding insurance coverage, out-of-pocket costs, and prescribing information at no cost to the users.

The number of highest grossing Janssen drugs are included in the platform such as Darzalex (daratumumab) and Stelara (ustekinumab) which generated $2.5bn and $3.2bn in US sales in H1 2023, respectively, as per the company’s Q2 2023 financial report.

Data breaches at the top pharma companies are nothing new, as companies such as Merck & Co (MSD), Roche, and AstraZeneca have all been hacked in the past. Data breaches cost the companies an average of $5m to remediate, as per IBM’s 2020 data breach report.

The Janssen CarePath systems provider, IBM, indicated that the stolen data may have contained information provided as part of the Janssen CarePath application, including individual names, contact information, date of birth, health insurance information, and information on an individual’s health conditions and medications.

Although IBM has identified that a data breach occurred on 2 August, the company is unsure of the extent of information that was accessed.

IBM was quick to note that no financial information or social security numbers have been affected, as it was not part of the database, and no information misuse has been reported. However, the companies have offered the affected customers a complimentary one-year credit monitoring service.

IBM noted the data breach as part of its investigation into a potential backdoor access to the system. After Janssen notified IBM of the issue, the latter remediated the issue and started its investigation into whether any unauthorised access to the CarePath system occurred.

Recent data breaches in the pharmaceutical sector include a ransomware attack on Eisai in June, due to which several of the company’s systems had to be taken offline. Eisai and Biogen’s antibody therapy, Leqembi (lecanemab-irmb), for Alzheimer’s was approved by the US Food and Drug Administration in January.

Uncover your next opportunity with expert reports

Steer your business strategy with key data and insights from our latest market research reports and company profiles. Not ready to buy? Start small by downloading a sample report first.

Newsletters by sectors

close

Sign up to the newsletter: In Brief

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Thank you for subscribing

View all newsletters from across the GlobalData Media network.

close