Sloppy security behind Pfizer hack?

Share this article:

Like all drug firms with a Facebook presence, Pfizer lost some control in August when Facebook opened up pharma company pages to public commenting. But that was relatively mild compared to the loss of power it suffered in July at the hands of a group of hackers calling themselves the Script Kiddies.

During their brief takeover of Pfizer's Facebook page, no confidential information about the company or any individuals were at risk, said Pfizer, which has been in contact with Facebook to “understand how this incident occurred to ensure it doesn't happen again.”

Contrary to reports that Facebook was the source of the breach, Graham Cluley, senior technology consultant at worldwide computer security firm Sophos, told MM&M that traces left by the cyber thugs make it unlikely the social network was responsible for the illict entry.

Their online graffiti included a link to the profile of an employee of San Francisco-based WCG, the PR firm which, according to the agency's website, handles some corporate communications and interactive duties for Pfizer. (The employee's LinkedIn profile lists Pfizer as a social media client.) 

“My suspicion is this page got hacked because [the employee] was sloppy with his security,” Cluley said. “If I were investigating this hack, the very first thing to do would be to look at the security of the page's administrators and in particular their passwords. That's where my money would be.”

He speculated that, if the employee referred to was in fact the system administrator for Pfizer's Facebook page, and his name and password had been hacked and already posted elsewhere online (hacktivist gangs such as LulzSec and Anonymous often post stolen passwords on a site called Paste Bin), the hackers could have found it and used it to open the Facebook account.

A Facebook spokesperson said the company doesn't comment on specific cases.


Share this article:
You must be a registered member of MMM to post a comment.

Email Newsletters

More in Features

Read the complete September 2014 Digital Edition

Read the complete September 2014 Digital Edition

Click the above link to access the complete Digital Edition of the August 2014 issue of MM&M, with all text, charts and pictures.

Medical marketing needs mainstream Mad Men

Medical marketing needs mainstream Mad Men

Agencies must generate emotional resonance with the target audience, not unlike Apple, Pepsi or Nike

Are discounts cutting out co-pays?

GSK's decision to cut Advair's price spurred some PBMs to put it back on formulary. Will drugmaker discounts diminish the need for loyalty programs? How can these programs stay relevant beyond giving co-pay assistance?