Second data breach in less than three months has people wondering what is going on at the giant pharmaceutical company.  Whether or not the frequent data breaches are coming from interested hackers, sloppy security systems, or a mixture of the two has yet to been seen.  However, within months of a delayed alert to 17,000 employees that their personal information had been compromised, another 950 people have been affected in a different breach of the security features of the network.

Connecticut state Attorney General issued a public statement stating how disgusted he was with the way that Pfizer is handling personal information of its employees and clients.  At one point Richard Blumenthal notes that “this information should be treated like cash.”  Pfizer has noticed a drop in its stocks as of late as a result of all the negative attention that it has been receiving in the national media in recent months.  In this incident, it was a consulting firm that was working with Pfizer that actually lost the sensitive information.  Two laptops were stolen from a locked car in Boston at the end of May, but a letter was not sent to the Attorney General for another three weeks and it was only now received by him, which generated his public statement about the disarray of the security in the company.

The consulting firm was Axia Ltd. and they have not issued an apology to the public about the incident.  It would appear that the information was neither password protected or encrypted, which makes the likelihood that it will be used by identity thieves even higher.  Unsecured information is unacceptable in this day and age and Pfizer has vowed that it will completely overhaul its security procedures and is bringing in industry leading experts to make sure that nothing of this sort happens again.  Unfortunately, knowing their recent track record it is difficult to believe the sincerity behind Pfizer.  The information on the laptop contained the names, social security numbers, and addresses of health industry consultants who were working to distribute Pfizer products around the world.

At this point, Pfizer has not said if it will continue to work with Axia Ltd. or if it will provide monitoring services to the nearly 1,000 newly affected individuals.  With the size of the recent breaches, a source who wished to remain anonymous has said that certain employees are considering filing a class action suit against the incompetence of the company and the delayed response before alerting people of the breach.  In the mean time, people are being advised to protect themselves by enrolling in ID theft subscription services.  One of the most popular choices has been Lifelock.  A company mainly known for its commercials with display the social security number of the owner on the side of a truck in downtown New York City, people are turning to it because of its successful track record.  By maintaining ties with Equifax, Trans Union, and Experian, Lifelock helps prevent ID theft before it happens.  While it cannot do anything about personal information getting into the hands of crooks, it can stop them from filing fraudulent loan and credit card applications.  Whenever this type of information appears at a credit bureau fro review, the company contacts its customer to make sure it is valid.  If it is a fraudulent piece of work, then it is prevented from being processed which stops the ID thieves from getting the cash or line of credit they were hoping to establish.

Tags: lifelock, pfizer

This entry was posted on Thursday, August 28th, 2008 at 12:25 pm and is filed under Corporate Breaches, Individuals. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.