bioMerieux Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating bioMérieux regarding its recent data breach. The bioMérieux data breach involved sensitive personal identifiable information and protected health information belonging to an undetermined number of individuals.

ABOUT BIOMERIEUX:

bioMérieux is a biotechnology research company focused on the detection and containment of infectious diseases. As a biotech company, bioMérieux offers services to help detect diseases in agriculture, pharmaceuticals, and cosmetics. Additionally, bioMérieux provides lab testing equipment for hospitals and labs, including testing for COVID-19 and other respiratory infections. Founded in 1963, bioMérieux began when its founder Alain Mérieux started the company with the goal of trying to improve public health. Today, bioMérieux has grown into a global corporation with an annual revenue of over $3 billion. Headquartered in Marcy-l’Étoile, France, bioMérieux has locations in 45 countries and serves over 160 countries.

WHAT HAPPENED?

On June 1, 2023, bioMérieux discovered that one of its vendors, Vitality Group, had experienced a data breach in which the sensitive personal identifiable information and protected health information in its systems may have been accessed and acquired. Through its investigation, bioMérieux determined that an unauthorized actor may have accessed and acquired this sensitive information through a vulnerability in the MOVEit file transfer application on June 1, 2023. On June 15, 2023, bioMérieux began contacting individuals whose information may have been impacted. On June 28, 2023, bioMérieux sent out a second wave of letters to individuals impacted by the breach. The type of information exposed includes:

• Name
• Social Security number
• Date of birth
• Health information