Just to underscore the risk of outsourcing private information, one of Pfizer's vendors allowed two relatively insecure laptops containing private employee information to be stolen: Pfizer Reports Second Data Breach In Two Months.
In a letter to Pfizer employees, Lisa M. Goldman, out of Pfizer's privacy office, said two password-protected laptops owned by consulting firm Axia were stolen out of a car in Boston. The information contained employee names and Social Security numbers.
Letters about the data breach were posted online by TheDay.com. Pfizer could not be reached for comment.
Bernard Nash, a lawyer representing Pfizer, sent a letter to the state attorney general on July 20, notifying him of the data breach. He said the 950 people involved are health care professionals who were or were considering providing the company with contract services. He also noted that additional information, such as home addresses, cell phone numbers, and e-mail addresses, also were compromised.
"All data security incidents are unfortunate, and Pfizer and Axia are committed to maintaining the confidentiality and security of data," said Nash in the letter. "Pfizer is working with Axia to improve data security protections and will apply the lessons learned from this incident to its work with other contractors and its own employees, as well."
Why would a vendor have such important information on a laptop without encrypted hard drives among other hardened security?
Popularity: 1% [?]
Unrest by Parkway Drive