Data security breach at Pfizer affects thousands

A Pfizer employee removed files exposing 34,000 people to potential identity fraud, according to the company. It was the third data breach at the company in three months.

Pfizer Inc. disclosed a new data breach at the company that exposed as many as 34,000 employees to potential identity fraud.

In a letter sent by Pfizer attorney, Bernard Nash to state attorneys general around the nation, the pharmaceutical giant said an employee removed copies of confidential information from a Pfizer computer system late last year. It was the third disclosure of a data breach at the New York City-based company in the last three months.

"The person responsible for the breach violated company policy and no longer works at Pfizer," Nash said. "The total number of affected individuals is still an estimate because there is a substantial amount of data to be analyzed."

Nash said that Pfizer discovered the breach on July 10. The letters to attorneys general were dated Aug. 23, more than seven weeks after Pfizer became aware of the problem and more than eight months after the information was exposed.

According to the letter, the breach involved the names and Social Security numbers of all people affected. The information also included home addresses, telephone numbers, fax numbers, e-mail addresses, credit card numbers, bank account numbers, passport numbers, driver's license numbers, military identification numbers, birth dates, signatures and reasons for termination of employment.

In a letter being sent to affected employees, Pfizer said it has retained Identity Safeguards, a firm specializing in identity theft to provide affected employees with credit protection services. The firm will provide $50,000 of Identity Theft insurance with no deductible, according to the letter.

Pfizer has hired a team of IT pros to investigate its systems after it first discovered a data breach. According to Nash, the company also contacted law enforcement and major national credit agencies.

In June, Pfizer confirmed that a data breach compromised the identities of 17,000 employees. In July, the company disclosed that an employee of a Pfizer contractor had two laptops containing employee data and proprietary information stolen from a car.

Dig deeper on Identity Theft and Data Security Breaches

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close