What is the official website of Cencora ?

The official website of Cencora is https://www.cencora.com/.

What is Cencora's cybersecurity risk score?

Cencora has an AI-generated cybersecurity risk score of 744 out of 1000, indicating a Moderate security posture according to Rankiteo's assessment.

How many security incidents has Cencora experienced?

According to Rankiteo, Cencora currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Cencora been affected by any supply chain cyber incidents ?

According to Rankiteo, Cencora has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Cencora have SOC 2 Type 1 certification ?

According to Rankiteo, Cencora is not certified under SOC 2 Type 1.

Does Cencora have SOC 2 Type 2 certification ?

According to Rankiteo, Cencora does not hold a SOC 2 Type 2 certification.

Does Cencora comply with GDPR ?

According to Rankiteo, Cencora is not listed as GDPR compliant.

Does Cencora have PCI DSS certification ?

According to Rankiteo, Cencora does not currently maintain PCI DSS compliance.

Does Cencora comply with HIPAA ?

According to Rankiteo, Cencora is not compliant with HIPAA regulations.

Does Cencora have ISO 27001 certification ?

According to Rankiteo,Cencora is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Cencora operate in ?

Cencora operates primarily in the Hospitals and Health Care industry.

How many employees does Cencora have ?

Cencora employs approximately 27,718 people worldwide.

Does Cencora own any subsidiaries ?

Cencora presently has no subsidiaries across any sectors.

How many LinkedIn followers does Cencora have ?

Cencora's official LinkedIn profile has approximately 201,207 followers.

What is the NAICS classification code for Cencora ?

Cencora is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.

Does Cencora have a Crunchbase profile ?

Yes, Cencora has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/amerisourcebergen-corporation.

Does Cencora have a LinkedIn profile ?

Yes, Cencora maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/cencoraglobal.

How many cybersecurity incidents has Cencora experienced ?

As of June 14, 2026, Rankiteo reports that Cencora has experienced 11 cybersecurity incidents.

How many peer or competitor companies does Cencora have ?

Cencora has an estimated 33,027 peer or competitor companies worldwide.

What types of cybersecurity incidents has Cencora faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach and Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Cencora

Boost Score +25 with badge (5 left)

744

/1000

Moderate

769

/1000

Fair

Cencora Vendor Cyber Rating & Cyber Score

cencora.com

cb in

Add Your Compliance Badge

Cencora, a company building on the legacy of AmerisourceBergen, is a leading global pharmaceutical solutions organization centered on improving the lives of people and animals around the world. We connect manufacturers, providers, and patients to ensure that anyone can get the therapies they need, where and when they need them. We also help our partners bring their innovations to patients more efficiently to accelerate positive outcomes. Becoming Cencora has allowed us to combine all the companies and services of AmerisourceBergen. Now, as a unified and internationally inclusive brand, we’re continuing to invest in and focus on our core pharmaceutical distribution business, while also growing our platform of pharma and biopharma services

Cencora A.I CyberSecurity Scoring

Scoring History

Cencora

Cencora CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Cencora

Breach

100

9/2025

AME476204709202...

Cencora

Breach

100

1/2025

INOCEN177580230...

Cencora

Breach

11/2024

WOR100072725

Cencora

Breach

100

9/2024

MWI630072625

Cencora

Breach

8/2024

AME345072925

Cencora

Breach

4/2024

AME425072825

Cencora

Breach

2/2024

MWI122072925

Cencora

Breach

2/2024

AME453224509302...

Cencora

Breach

2/2024

CEN270212709302...

Cencora

Cyber Attack

03/2023

ALL363723

Cencora

Breach

02/2023

AME62016223

Loading…

A.I.

Cencora Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Cencora

Incidents vs Hospitals and Health Care Industry Avg (This Year)

No incidents recorded for Cencora in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Cencora in 2026.

Incident Types Cencora vs Hospitals and Health Care Industry Avg (This Year)

No incidents recorded for Cencora in 2026.

Incident History - Cencora (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Cencora Subsidiaries

Cencora

Hospitals and Health Care

Website: https://www.cencora.com/

Company Size: 10,001+ employees

AmerisourceBergenHospitals and Health Care

World CourierTransportation, Logistics, Supply Chain and Storage

Alliance Healthcare TurkeyPharmaceutical Manufacturing

Innomar StrategiesPharmaceutical Manufacturing

Besse MedicalPharmaceutical Manufacturing

Loading…

Cencora Similar Companies

Helios Health GmbH

helios-health.com

Based on our extensive expertise and know how we seek to ensure high quality, efficient and patient focused healthcare, locally as well as within an international environment. For this purpose Helios Health was founded in 2017. Helios Health combines Helios Germany (Helios Kliniken) and Helios Spain (Quirónsalud in Spain) and bundles cooporations with other Fresenius business segments such as Fresenius Vamed, Fresenius Kabi and Fresenius Medical Care. We are constantly looking for further growth opportunities and aim to facilitate know how exchange between healthcare providers and systems worldwide. We focus on acute care and near acute care activities in a structural framework that we can develop and advance based on our expertise and experience. In addition, we seek to provide cross-sectoral integrated patient care connecting in inpatient and outpatient care in the best suitable way for our patients. This promotes coordinated treatment and care pathways, reduced length of hospital stays and faster recovery of our patients. In line with our international growth strategy we are not interested in the acquisition of single / stand-alone hospitals but rather in the integration of hospital groups or medical center chains in order to create and develop healthcare platforms. We also cooperate with the other Fresenius business segments being active in healthcare in over 100 countries worldwide. We usually aim for a sole shareholder position or to acquire a controlling stake to assume full responsibility for the operating business.

Omega Healthcare Management Services

omegahms.com

Founded in 2003, Omega Healthcare Management Services® (Omega Healthcare) is an AI-driven healthcare solutions company that partners across the healthcare ecosystem to deliver breakthrough results by reimagining and elevating revenue operations. Powered by the Omega Digital Platform®, our agentic AI engine leverages adaptive intelligence to drive automation, complemented by deep human expertise to help optimize performance and deliver sustained financial and clinical outcomes—while enhancing patient satisfaction. Omega Healthcare empowers organizations across provider, payer, and life sciences sectors to navigate today’s healthcare challenges while building the agility to adapt as healthcare and technology continue to evolve rapidly. Recognized by industry analysts, Omega Healthcare has consistently been ranked a leader in driving operational performance excellence. For more information, visit www.omegahms.com

Ardent Health

ardenthealth.com

Ardent Health is a leading provider of healthcare in growing mid-sized urban communities across the U.S. With a focus on people and investments in innovative services and technologies, Ardent is passionate about making healthcare better and easier to access. Through its subsidiaries, Ardent delivers care through a system of 30 acute care hospitals and approximately 280 sites of care with over 1,800 employed and affiliated providers across six states. Ardent includes: • 24,000+ team members • 8,000+ nurses • 15,000 lives touched each day • $1 million+ community contributions per day

Bupa UK

bupa.co.uk

Established in 1947, Bupa's purpose is helping people live longer, healthier, happier lives and making a better world. We are a healthcare company serving millions of customers. With no shareholders, we reinvest profits into providing more and better healthcare for the benefit of current and future customers. For more information, visit www.bupa.co.uk

Piedmont

piedmont.org

Piedmont is empowering Georgians by changing health care. We continue to fuel Georgia’s growth through safe, cost-effective, high-quality care close to home through an integrated health care system that provides a hassle-free, unified experience. We are a private, not-for-profit organization with more than 12,000 donors annually that for centuries has sought to make a positive difference in every life we touch in the communities we serve. Across our 2,171 physical locations we care for more than 4.5 million patients and serve communities that comprise 85 percent of Georgia’s population. This includes 27 hospitals, 113 immediate care locations, 1,875 Piedmont Clinic physician practices and more than 3,600 Piedmont Clinic members. Our patients conveniently engage with Piedmont online, as they scheduled more than 560,000 online appointments and over 120,000 virtual visits. With more than 47,000 care givers we are the largest Georgia-based private employer of Georgians, who all came for the job, but stayed for the people. In 2024 and 2023, Piedmont has earned recognition from Newsweek as one of America’s Greatest Workplaces for Diversity and also as one of America's Greatest Workplaces for Women. In 2022, Forbes ranked Piedmont on its list of the Best Large Employers in the United States. Piedmont provided more than $607 million in community impact in Fiscal Year 2024. For more information, or booking your next appointment, visit piedmont.org.

Access Healthcare

cb accesshealthcare.com

Established in 2011, Access Healthcare remains at the forefront of healthcare management, allowing providers to focus on what matters most – their patients. Our reputation is built on investing in and developing innovative technology allowing us to deliver custom solutions, enhancing the quality and speed of service delivery. As a global leader, we are recognized as a trusted partner by healthcare organizations, offering comprehensive revenue cycle management (RCM) solutions that boost financial performance, streamline operations, and positively impact patient care. We have built one of the most efficient RCM platforms in the industry combining data, proprietary workflow automation, and deep healthcare expertise to drive value for our clients. With more than 27,000 revenue cycle professionals operating 24 global delivery centers in the US, United Kingdom, India, and the Philippines, Access Healthcare emphasizes scalability, automation, and transparency. We collaborate closely with our clients to meet their most imperative needs.

Hapvida NotreDame Intermédica

hapvida.com.br

Com 80 anos de experiência, a Hapvida é hoje a maior empresa de saúde integrada da América Latina. A companhia, que possui mais de 73 mil colaboradores, atende 16 milhões de beneficiários de saúde e odontologia espalhados pelas cinco regiões do Brasil. Todo o aparato foi construído a partir de uma visão voltada ao cuidado de ponta a ponta, a partir de 86 hospitais, 78 prontos atendimentos, 363 clínicas médicas e 305 centros de diagnóstico por imagem e coleta laboratorial, além de unidades especificamente voltadas ao cuidado preventivo e crônico. Dessa combinação de negócios, apoiada em qualidade médica e inovação, resulta uma empresa com os melhores recursos humanos e tecnológicos para os seus clientes.

Beth Israel Lahey Health

bilh.org

Beth Israel Lahey Health is a new, integrated system providing patients with better care wherever they are. Care informed by world-class research and education. We are doctors and nurses, technicians and social workers, innovators and educators, and so many others. All with a shared vision for what health care can and should be.

Penn Medicine, University of Pennsylvania Health System

cb pennmedicine.org

Penn Medicine is a world leader in academic medicine, setting the standard for cutting-edge research, compassionate patient care, and the education of future health care professionals. From founding the nation’s first hospital and medical school to pioneering Nobel Prize-winning mRNA vaccines and lifesaving cancer therapies, Penn Medicine continues to show the world what comes next. Home to more than 49,000 team members, Penn Medicine includes the University of Pennsylvania Health System and the Perelman School of Medicine. Together, our clinicians and scientists drive discoveries that transform patient care and improve lives across Pennsylvania, New Jersey, and beyond. Penn Medicine’s seven hospitals—the Hospital of the University of Pennsylvania, Penn Presbyterian Medical Center, Pennsylvania Hospital, Chester County Hospital, Lancaster General Health, Penn Medicine Princeton Health, and Doylestown Health—along with hundreds of outpatient sites and home care services, provide exceptional care throughout the region. At Penn Medicine, innovation and collaboration fuel everything we do. Our mission is to advance knowledge and improve health through research, patient care, and education in an inclusive culture that embraces diversity, fosters innovation, and sustains our legacy of excellence. Learn more: www.pennmedicine.org Read the latest stories: www.pennmedicine.org/news

Loading…

NEWS

Cencora CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

April 10, 2026 07:00 AM

Hidden Liability: Why Legacy Web Forms Put Life Sciences Organizations at Critical Risk

Modernizing technology is urgent as legacy web forms expose pharma companies to breaches averaging $5.1 Million.

Read Article

April 01, 2026 07:00 AM

Cybersecurity Firm TAC Security Hits 10,000 Clients, Enters Top 5 in Global VM & AppSec

PR Newswire. NEW YORK, April 1, 2026. NEW YORK, April 1, 2026 /PRNewswire/ -- TAC Infosec, a global leader in cybersecurity (NSE: TAC),...

Read Article

March 30, 2026 07:00 AM

TAC Security Builds Global Cybersecurity Client Network

TAC Security crosses 10000 clients across 100 countries, strengthening its global cybersecurity platform and expanding enterprise security...

Read Article

March 23, 2026 07:00 AM

Sidley, Kirkland Steer $1.1B Sale Of EyeSouth's Retina Biz

Private equity shop Olympus Partners, advised by Kirkland & Ellis LLP, on Monday unveiled plans to sell the retina business of EyeSouth...

Read Article

December 03, 2025 08:00 AM

Cencora Enhances Global Pharmaceutical Logistics Services, Cold Chain Capabilities

Cencora, a global pharmaceutical solutions company, today announced investments to enhance its third-party logistics (3PL) capabilities in...

Read Article

November 25, 2025 08:00 AM

Cencora, Inc. SEC 10-K Report

Cencora, Inc., a leading player in the healthcare solutions industry, has released its annual Form 10-K report, showcasing a robust...

Read Article

August 11, 2025 07:00 AM

Cencora & The Lash Group Settle Data Breach Litigation for $40 Million

Cencora, The Lash Group, and their affiliates have agreed to pay $40 million to settle class action data breach litigation over a February...

Read Article

April 28, 2025 07:00 AM

22 Biggest Cyber Attacks in History That Made Global Headlines

Discover the 22 biggest cyber attacks from 2011 to 2024, including how they happened, who was hit, and what they reveal about cybersecurity...

Read Article

April 14, 2025 07:00 AM

Jim Cramer explains why these market themes are working right now

CNBC's Jim Cramer on Monday explained why he thinks certain sectors can do well on the market right now.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…