conti attacks Sav-Rx Prescription Services

Incident Date:

March 23, 2022

World map



conti attacks Sav-Rx Prescription Services


Sav-Rx Prescription Services




Fremont, USA

Nebreska, USA

First Reported

March 23, 2022

Sav-Rx Prescription Services Suffers Ransomware Attack

Sav-Rx Prescription Services, a family-operated Medication Benefits Manager, has been targeted by the ransomware group Conti. The attack was announced on the group's dark web leak site. The company, operating in the Healthcare Services sector, has been serving since 1968.

Sav-Rx is celebrated for its dedication to American workers, providing lower costs and enhanced member satisfaction in comparison to other PBMs. The company has garnered endorsements from several unions, including the International Brotherhood of Electrical Workers (IBEW), the National Electric Contractors Association (NECA), the International Union of Bricklayers and Allied Craftworkers (BAC), and the International Association of Bridge, Structural, Ornamental, and Reinforcing Ironworkers (IW).

Despite its strong reputation and commitment to its clients, Sav-Rx has encountered a significant challenge in the form of a ransomware attack. The incident was reported by HackNotice, a service that monitors data streams related to breaches, leaks, and hacks. However, specific details regarding the extent of the damage and the ransom demanded remain undisclosed.

The Healthcare Sector: A Prime Target for Ransomware Attacks

The healthcare sector has increasingly become a significant target for ransomware attacks in recent years. The industry's heavy reliance on digital systems and the sensitive nature of the data they manage make healthcare organizations particularly attractive to cybercriminals.

In response to these threats, it is imperative for organizations within the healthcare sector to adopt comprehensive cybersecurity measures. These measures should include regular system updates and patches, thorough employee training, and the deployment of advanced security tools designed to detect and thwart cyber threats effectively.

The ransomware attack on Sav-Rx Prescription Services underscores the critical need for healthcare organizations to prioritize cybersecurity. By doing so, they can safeguard their systems and the sensitive data they are entrusted with.


  • HackNotice - Sav-Rx Prescription Services
  • The Latest on Ransomware Attack Affecting U.S. Health Care System - HealthITSecurity

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.