OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
[Dataloss] follow-up: Conn. AG Investigating Former Employee Link To Pfizer Data Breach

From: security curmudgeon (jerichoattrition.org)
Date: Thu Sep 27 2007 - 01:25:43 CDT


---------- Forwarded message ----------
From: InfoSec News <alertsinfosecnews.org>

http://www.informationweek.com/news/showArticle.jhtml?articleID=202101944

By Sharon Gaudin
InformationWeek
September 26, 2007

The Connecticut Attorney General is investigating a former Pfizer employee
in connection with a data breach that compromised personally identifying
employee information.

Bernard Nash, an attorney for the world's largest drug maker, said in a
letter to the Attorney General that another company sent a package to
Pfizer on July 6 that contained a DVD with Pfizer data on it. The
information had been found on a computer that the company, which went
unnamed in the letter, had assigned to a worker who had formerly been
employed at Pfizer, according to Nash's Sept. 21 letter.

After reviewing the information, Pfizer "became aware" that personal
information from the Pfizer network was on the DVD, Nash wrote. The
company notified a federal prosecutor on Aug. 17 "to explain Pfizer's
investigatory efforts, discuss the possibility of prosecution of the
responsible individual, and receive input on the most productive use of
Pfizer's investigative resources."

A source close to the investigation told InformationWeek that the AG's
office is investigating the matter.

[..]
_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml