Experts Reacted On Pharma Giant Pfizer Exposes Patient Data On Unsecured Cloud Storage

It has been reported that Global pharmaceutical giant Pfizer Inc. has suffered a data breach with patient information found exposed on unsecured cloud storage.  Discovered and publicised yesterday, the exposed data was found on a misconfigured Google Cloud storage bucket. The data included hundreds of conversations between Pfizer’s automated customer support software and people using its prescription pharmaceutical drugs including Lyrica, Chantix, Viagra and cancer treatments Ibrance and Aromasin. Along with confidential medical information, the transcripts included full names, home addresses and email addresses, all of which could be used by hackers to target patients with highly effective phishing campaigns.

Experts Comments

October 23, 2020
Sam Curry
Chief Security Officer
Cybereason
What the recent Pfizer data breach tells us is that it is extremely difficult for even the largest companies in the world to secure their data every hour, every day and every week. It's irrelevant whether an internal or external error led to this data breach, because the digital footprint for enterprises is expanding at such a rapid pace that errors will occur and data will be exposed. However, it is incumbent upon Pfizer to continue to do everything humanly possible to protect its IP, customer .....Read More
What the recent Pfizer data breach tells us is that it is extremely difficult for even the largest companies in the world to secure their data every hour, every day and every week. It's irrelevant whether an internal or external error led to this data breach, because the digital footprint for enterprises is expanding at such a rapid pace that errors will occur and data will be exposed. However, it is incumbent upon Pfizer to continue to do everything humanly possible to protect its IP, customer and partner data and all proprietary information. In this case, Pfizer can't play the victim card as there certainly aren't any customers interested in hearing excuses. What they want is transparency and guarantees that the company will continue to make sure data protection is their top priority. Let this be another wake up call for all companies to improve their security, use threat hunting services to discover malicious operations quickly so that hackers are stopped in their tracks before material damage occurs.  Read Less
October 23, 2020
Boris Cipot
Senior Sales Engineer
Synopsys
Storing data within a cloud container has become the norm today. However, it seems that few systems are built on the principle of 'security by design', often leaving customer data unprotected. All data, from personal medical information to data which can be misused in spamming, phishing or even extorsion campaigns, should be protected at the highest level. Every company that handles customer data needs to be aware that systems used to store, and process data must be made resilient; instances of .....Read More
Storing data within a cloud container has become the norm today. However, it seems that few systems are built on the principle of 'security by design', often leaving customer data unprotected. All data, from personal medical information to data which can be misused in spamming, phishing or even extorsion campaigns, should be protected at the highest level. Every company that handles customer data needs to be aware that systems used to store, and process data must be made resilient; instances of misconfiguration cannot persist.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.