Security News > 2020 > October > Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts

UPDATE. Pharma giant Pfizer has leaked the private medical data of prescription-drug users in the U.S. for months or even years, thanks to an unprotected Google Cloud storage bucket.

Some of the transcripts were related to conversations about Advil, which is manufactured by Pfizer in a joint venture with GlaxoSmithKline.

"We also reviewed transcripts in which the conversation was 'escalated' to human customer support agents. It appeared these agents were registered nurses representing Pfizer in matters relating to its pharmaceutical brands."

They added, "For example, many people were enquiring about prescription refills and other queries. Such circumstances give cybercriminals a great opportunity to pose as Pfizer and request card details in order to proceed with the refills."

The Wales arm of the U.K.'s National Health Service announced that PII for Welsh residents who had tested positive for COVID-19 was exposed via a public cloud upload. This story was updated at 4:15 p.m. ET on Oct. 20, 2020, to include a statement from Pfizer.

News URL

https://threatpost.com/pharma-pfizer-leaks-prescription-call-transcripts/160354/