---
schema_version: "secwatch.filing_event.v1"
accession: "0001104659-24-028288"
form_type: "8-K"
ticker: "COR"
cik: "0001140859"
company_name: "Cencora, Inc."
filed_at: "2024-02-27T23:59:59+00:00"
generated_at: "2026-06-05T10:42:04.181482+00:00"
event_type: "cyber"
sentiment: "negative"
materiality_score: 0.75
calibrated_materiality_score: 0.75
confidence: "high"
source: SEC EDGAR
---

# Cencora discloses data exfiltration incident involving personal information on Feb 21, 2024

## Summary
- Data exfiltration discovered Feb 21, 2024; some exfiltrated data may contain personal information.
- Containment steps taken; investigation underway with law enforcement, cybersecurity experts, and external counsel.
- No material operational impact to date; systems remain operational.
- Company has not yet determined whether incident will materially impact financial condition or results.

## SEC filing metadata
- accession: 0001104659-24-028288
- form_type: 8-K
- ticker: COR
- cik: 0001140859
- company_name: Cencora, Inc.
- filed_at: 2024-02-27T23:59:59+00:00
- event_type: cyber
- sentiment: negative
- materiality_score: 0.75
- calibrated_materiality_score: 0.75
- confidence: high
- sec_items: 1.05
- EDGAR index: https://www.sec.gov/Archives/edgar/data/1140859/000110465924028288/0001104659-24-028288-index.htm
- EDGAR primary document: https://www.sec.gov/Archives/edgar/data/1140859/000110465924028288/tm247267d1_8k.htm

## Machine-readable alternates
- HTML: https://secwatch.observer/filing/0001104659-24-028288
- JSON: https://secwatch.observer/filing/0001104659-24-028288.json
- Plain text: https://secwatch.observer/filing/0001104659-24-028288.txt

## Key facts
- Cybersecurity Incidents
  Cencora, Inc. disclosed a cybersecurity incident: data from its information systems had been exfiltrated, some of which may contain personal information. Impact: the incident has not had a material impact on the Company’s operations, and its information systems continue to be operational. Materiality is still being assessed. Discovered 2024-02-21.
  - Nature: data from its information systems had been exfiltrated, some of which may contain personal information
  - Impact: the incident has not had a material impact on the Company’s operations, and its information systems continue to be operational
  - Materiality: assessing
  - Discovery: 2024-02-21
  source text: On February 21, 2024, Cencora, Inc. (the “Company”), learned that data from its information systems had been exfiltrated, some of which may contain personal information.
  evidence_url: https://www.sec.gov/Archives/edgar/data/1140859/000110465924028288/0001104659-24-028288-index.htm

This AI-assisted summary is a reading aid. Review the linked SEC EDGAR filing before relying on any specific claim.