Breaches involving the pharma sector may or may not involve patient data, but as we saw early on the pandemic, hitting the pharma sector when it is working on developing vaccines, testing vaccines, or distributing vaccines can have significant national and global health implications.
Julian Upton reports:
The pandemic’s exacerbation of the pharmaceutical industry’s exposure to data breaches has been one of the many disquieting side effects of life under COVID-19. In showing the extent of this security compromise among the Fortune 500 top 20 pharma companies, Constella Intelligence’s new study, Pharma Sector Exposures Report: 2018–2021 Digital Risk Findings and Trends, makes for particularly unnerving reading, comparing as it does the number and type of data breaches that occurred during the pandemic period (up to September 2021) with those that took place in the two years before COVID.
Constella reports that the number of data breaches affecting these top 20 pharma companies rose from 1,930 in 2018 to 2,165 in 2019 and then to 3,619 in 2020. Breaches from January to September 2021 take the total number to 9,830. The resulting number of records exposed from those breaches is some 4.5 million. Around two-thirds (64%) of the breaches and leakages identified include personally identifiable information (PII), with the most common attributes being email, password, name, username, phone number, address, date of birth, and credit card information. In a closer study of 78 executives from these companies, Constella found that 58% had their corporate credentials leaked since 2018, with nearly a third having their passwords exposed in breaches.
Read more at PharmExec.com.