Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts
Hundreds of medical patients taking cancer drugs, Premarin, Lyrica and more are now vulnerable to phishing, malware and identity fraud.
According to Karthik Krishnan, CEO of Concentric.ai, “Pfizer’s recent data exposure is alarming on two levels. It isn’t just names, emails and addresses – it’s health data (PHI) that could be reverse-engineered to reveal patient medical condition. PHI exposure raises the stakes for Pfizer too – their legal exposure goes to an entirely new level when health information is involved. The second aspect of this breach is much more insidious. Social engineering attacks, like phishing, succeed when the target believes they’re communicating with someone they trust. Attackers, armed with the details of private conversations with Pfizer, will have a far easier time gaining that trust. That has the very real potential to cause far more damage than any loss of PHI on its own. Reports indicate Pfizer left this data exposed for months. Improvements in data access governance solutions make it far easier for companies like Pfizer to get a handle on sensitive data to better control access and avoid data loss – even across sprawling on-premises and cloud data stores. It’s time to address unstructured data security.”