AEP Under Attack: Cybercriminals Disrupt German Pharmacy Supplies

The German pharmaceutical distributor AEP, based in Bavaria, has fallen victim to a ransomware attack, potentially leading to disruptions in medication supplies for thousands of pharmacies.

In a statement on the company’s official website, the incident was described as “targeted and criminal” — with portions of AEP’s IT systems encrypted. The attack was detected last week, prompting the company to implement “necessary and extensive protective measures.”

AEP supplies over 6,000 pharmacies throughout Germany and employs a workforce of around 200. According to the Bavarian Pharmacists’ Association, pharmacies may mitigate disruptions by drawing on reserves from other suppliers.

The investigation is being led by Bavaria’s Criminal Police, with whom AEP is actively collaborating, seeking resolution with the assistance of cybersecurity and digital forensics experts. The company noted that all external connections have been severed, and affected systems have been fully halted.

At present, AEP is unreachable by phone and can only handle a limited number of email inquiries. The cyberattack on AEP marks yet another instance of interference in the pharmaceutical sector’s operations.

However, this case is by no means unprecedented on a global scale. In February, the international pharmaceutical firm Cencora reported data theft, while an attack on Change Healthcare that same month significantly hampered pharmacy operations in the United States.