Pfizer Suffers Second Data Breach
Laptop Security Blog Pfizer Suffers Second Data Breach
September 19th, 2007
Author: arieannaPfizer reported a data breach in June affecting 17,000 current and former employees. The breach was the result of unauthorized file sharing software on a laptop.
Pfizer has now reported a second data breach, this time as a result of the theft of two laptops. This data breach occurred in May, but was only recently reported to Attorney General Richard Blumenthal’s office.
In May, two company laptops were stolen, containing personal information (including Social Security numbers) for 950 health care professionals. Axia Ltd., a management consulting firm working with Pfizer, is responsible for the data breach. On May 31, two laptops were stolen from a locked car. Pfizer was notified on June 14, and the Attorney General reportedly sent a letter the next week. The letter did not arrive until mid-August.
“I am deeply disturbed and troubled by these continuing security problems with information that should be closely safeguarded,” Blumenthal said Monday. “This kind of information should be treated as if it was cash, because it has the same value as cash to someone who might misuse it.”
This is not the first time Pfizer has delayed notification. Pfizer waited 6 weeks before notifying employees about the previous data breach, and 5 weeks have passed before public acknowledgement of this second data breach. Blumenthal has criticized Pfizer on both data breach accounts, and has requested information about their data security and data breach notification policies.
Pfizer has issued a statement indicating they are strengthening their data security practices:
“Pfizer and Axia take data security very seriously and we are both taking steps to enhance data security,” according to Goldman’s letter. “For example, Axia is adding stronger encryption features to all Axia laptops, as well as software that would be able to help Axia locate and retrieve any stolen or missing laptops. Pfizer is in the process of limiting the use of SSNs (Social Security numbers) whenever possible, and exploring a range of other data-security improvements.”
Pfizer and Axia will provide those affected with credit monitoring services, fraud resolution representatives, and $25,000 in identity theft insurance.
Read the letters between Pfizer and Attorney General Blumenthal here [PDF].
Via TheDay.com ; Tags: pfizer, pfizer data breach, axia, axia data breach, data breach, identity theft, laptop theft, laptop security, blumenthal
Category: Business Security, Data Breach, Laptop Security, Real Theft Reports, Security Breach, Theft News | 
2 Comments »
[...] Pfizer Suffers Second Data BreachPfizer reported a data breach in June affecting 17,000 current and former employees. The breach was the result of unauthorized file sharing software on a laptop. Pfizer … ) for 950 health care professionals. Axia Ltd., a management consulting firm working with Pfizer [...]
[...] Pfizer Suffers Second Data BreachPfizer reported a data breach in June affecting 17,000 current and former employees. The breach was the result of unauthorized file sharing software on a laptop. Pfizer … ) for 950 health care professionals. Axia Ltd., a management consulting firm working with Pfizer [...]