Third Data Breach on Pfizer’s System
Pfizer has revealed a third data hacking incident during June-August 2007 that stole customers' personal information from its systems. But the company has now stepped up the security.
Pfizer Inc. has disclosed a data breach, the third one in just three months from June 2007 to August 2007. The breach has affected the private information of about 34,000 people.
While the incident happened in late 2006, the company discovered it only on July 10 this year, said Pfizer spokeswoman Shreya Prudlo. Computerworld published this in news on September 4, 2007. Pfizer began notifying the affected individuals on account of the breach on August 24, 2007, after over six weeks of getting to know about the incident.
Pfizer confirmed that there was a possibility of identity theft because an ex-employee had unlawfully reached and downloaded the confidential data from a computer system in the company premise and Pfizer was completely unaware of it. The hacked data included names, dates of birth, phone numbers, Social Security numbers, and credit card and bank account information.
The Detroit News first reported the story of data breach after it got a duplicate of the notification letter that Pfizer distributed.
In a correspondence to the affected people, Lisa M. Goldman of the Pfizer Privacy Office, said that there was no evidence of misuse of information taken from the Pfizer computer system. Theday published this in news on August 24, 2007. In spite of that, Pfizer assured that it has maintained the Identity Safeguards that prevents ID theft to offer two years of free service of counseling on fraud resolution and credit monitoring.
The other two data hacking incidences during the aforementioned period happened in a similar way. In the first case, there was a potential compromise of information that identified approximately 17,000 people. The incident occurred when the spouse of a company worker unlawfully downloaded the information using a file-sharing program on a company system.
After this, in July 2007, Pfizer reported another theft of two laptop computers that held confidential data on employees and the company's proprietary information from the vehicle of an employee of Axia, a company on contract with Pfizer.
Goldman's letter also mentioned that the company had upgraded the computer system that stored the information and also the security of rest of the systems.
Related article: Threat from Cyber-terrorism at par with Military Attacks
» SPAMfighter News - 15-09-2007