Healthcare / Pharmaceuticals (generic injectables) / Drug manufacturer / United States
US manufacturer of generic injectable pharmaceuticals for hospitals and healthcare providers, part of the Nichi-Iko group.
The Breach Risk Index (BRI) is a proprietary 0–100 score rating how dangerous a breach is right now, based on how recently the data has been circulating on the dark web and how valuable it is to attackers.
Sagent Pharmaceuticals discovered unauthorized access to its network on or about February 11, 2026; the WorldLeaks group (a Hunters International rebrand) claimed the attack on March 8, 2026 under a data-theft extortion model. Sagent's review concluded on March 23, 2026 and it reported to state regulators on April 24, 2026 that 1,383 individuals were affected, with names and Social Security numbers among the exposed data. Affected individuals were offered credit monitoring.
Full threat analysis, exploitation vectors, and principal guidance below.
10 additional sections · verified field analysis · defensive doctrine
1.7M rows records analyzed
Sagent Pharmaceuticals is a US manufacturer of generic injectable pharmaceuticals for hospitals and healthcare providers, headquartered in Schaumburg, Illinois. It develops, sources and distributes injectable medicines used in acute-care settings and has operated as part of Japan's Nichi-Iko pharmaceutical group.
As a drug manufacturer, Sagent holds employee and corporate records rather than large patient datasets; the affected data in this incident centers on individuals (largely employees) whose names and Social Security numbers were involved, consistent with the offer of credit-monitoring services.
Sagent discovered unauthorized network access around February 11, 2026; the WorldLeaks group claimed the attack on March 8, 2026. Sagent completed its review on March 23, 2026, notified the Indiana, Maine and Massachusetts regulators on April 24, 2026 that 1,383 individuals were affected, and offered Equifax Credit Watch Gold.
Although the affected population is small (1,383 individuals), the exposure of names with Social Security numbers is high-severity per person, triggering multi-state attorney-general notification, credit-monitoring provision and litigation risk. As a healthcare-sector manufacturer, Sagent also faces reputational and regulatory scrutiny.
A healthcare-linked breach: exposure ties a named individual to a provider relationship and, where clinical or insurance data is present, to conditions and treatment. For a high-profile principal the main risk is credible impersonation and enrichment of existing exposure.
Motivation: Financial extortion
A leak extortion operation described as a rebrand or successor evolution of Hunters International. Reporting describes a shift toward extortion-only operations rather than encryption-first ransomware, with affiliate infrastructure and data leak pressure.
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation