In a monster week for pharma hacking, Pfizer leads the pack with a substantial data breach that it brought on itself. In a huge blunder, unsecured and unencrypted data containing logs, transcripts, and details of patient helpline conversations was leaked from a misconfigured Google Cloud storage bucket. The exposed data included detailed information regarding hundreds of conversations between Pfizer’s automated customer support software and patients using drugs including Lyrica, Chantix, Viagra, Ibrance, and Aromasin.
The exposed call or chat transcripts had extensive PII and medical data for patients including full names, addresses, phone numbers, and details of health and medical conditions. The transcripts also contained detailed information about treatments, patient experiences, and questions related to products manufactured and sold by Pfizer.
Leaving this kind of information laying around is a hacker’s dream, and a security nightmare for your business as not only the recovery costs but the regulatory penalties for exposing this kind of data adds up.
Maintaining compliance with many data privacy regulations requires multifactor authentication, Reach out to Strategic Technical Services if you want to learn more about MFA and how to protect and secure your company's data.