Drug maker Pfizer has been busy alerting 17,000 present and former employees that due to a policy violation on a company computer, their names and Social Security numbers have been exposed to potential unauthorized access.
In a letter dated June 1, Pfizer's privacy officer, Lisa Goldman, told the affected individuals that an investigation showed files stored on an employee laptop had been exposed, but the company is unclear about which information was accessed or copied.
Goldman adds in the letter that Pfizer has no reason to believe that the sensitive data was accessed.
The laptop was loaded with an unauthorized file-sharing program, the letter says. Upon learning of the unauthorized access, Pfizer retrieved the laptop and disabled the peer-to-peer software. The investigation could not uncover which employees' information was accessed or viewed, the letter says.
"Our investigation is ongoing, and we are taking steps to prevent any further dissemination of these files, and to determine the identity and location of any person(s) who may be reposting them," the letter reads.
Pfizer has contracted with credit reporting agency Experian to allow effected employees to enroll in its credit-monitoring program at no cost for one year.