Estonia Seeks Moroccan in Pharmacy Data Breach

Estonian authorities have issued an arrest warrant for a Moroccan national suspected of breaching a sensitive customer card database belonging to Allium UPI, the parent company of the Apotheka pharmacy chain. The intrusion, which occurred in February 2024, reportedly involved unauthorized access to confidential user data, prompting a criminal investigation into the breach.

Details about the scope of the compromised data have not been disclosed, but officials are treating the incident as a significant cybersecurity violation. Estonia’s law enforcement is coordinating with international partners in an effort to locate and detain the suspect.

The case highlights growing concerns across Europe about the security of healthcare-related data, particularly as pharmacies and medical institutions increasingly rely on digital infrastructure. Allium UPI has not issued a public statement on the breach, and it remains unclear whether affected customers have been notified.

Authorities have not released further details pending the outcome of the ongoing investigation.