- The newest Echo Show 8 just hit its lowest price ever for Black Friday
- 기술 기업 노리는 북한의 가짜 IT 인력 캠페인··· 데이터 탈취도 주의해야
- 구글 클라우드, 구글 워크스페이스용 제미나이 사이드 패널에 한국어 지원 추가
- The best MagSafe accessories of 2024: Expert tested and reviewed
- Threads will show you more from accounts you follow now - like Bluesky already does
Pfizer Alleges Insider Stole #COVID19 Vaccine Docs
Pharmaceuticals giant Pfizer alleges that an employee stole COVID-19 vaccine secrets in advance of a job move to a rival company.
The New York-headquartered firm filed a complaint in a Californian district court earlier this week against “soon-to-be-former employee” Chun Xiao (Sherry) Li, according to Bloomberg Law.
It reportedly alleges that Li uploaded more than 12,000 files, including “scores” of confidential documents to a Google Drive account. They’re said to have included vaccine study analysis and info on the development of new drugs.
It’s claimed that the pharma giant detected the activity after installing software to monitor for suspicious behavior, such as uploading files to the cloud. The firm had reportedly already disabled USB access on employee devices.
Li allegedly uploaded the files over a three-day period in October 2021. Officials at the firm reportedly investigated and found an email containing a job offer from Californian pharma firm Xencor.
When confronted, Li is said to have claimed she was merely organizing her files offline. However, in the space of a few hours between meetings with Pfizer forensics staff, she deleted the files, according to the report.
Li transferred to San Diego from Pfizer’s product development group in China after working there for a decade.
“Pfizer takes the safeguarding of sensitive and confidential information very seriously,” a statement from the firm noted. “Protecting that information is critical to scientific innovation, ultimately enabling us to deliver breakthroughs for patients.”
ImmuniWeb founder Ilia Kolochenko explained that pharmaceutical firms are a significant target for both nation-state and financially motivated threat actors.
“Some intrusion campaigns are extremely sophisticated and may deliberately include false flags, such as insider-related incidents, to serve as a smokescreen aimed to distract cybersecurity teams from a much bigger intrusion,” he added.
“This may also be a case with the disclosed Pfizer incident, but it’s too early to make any conclusions at this point in time.”
