Exposed corporate credentials threatening the pharma sector

Constella Intelligence released a report which includes new and additional findings pertaining to exposures, breaches, and leakages within the pharma sector, specifically focusing on employees and executives from the top twenty pharma companies on the Fortune Global 500 list.

By analyzing identity records from data breaches and leakages found in open sources and on the surface, deep, and dark web, the threat intelligence team identified 9,030 breaches/leakages and 4,549,871 exposed records—including attributes like email addresses, passwords, phone numbers, addresses, and even credit card and banking information—related to employee corporate credentials from the companies analyzed.

Sensitive data circulation paving the way for ransomware attacks

The proliferation and circulation of this sensitive employee data endows threat actors with the necessary resources to execute a wide range of cyberattacks, including impersonation, phishing, account takeover and several others that can lead to more sophisticated attacks such as ransomware or coordinated disinformation campaigns.

“The pharma sector’s role within the healthcare ecosystem, especially with today’s public health needs, only emphasizes how critically important it is that these companies protect themselves from cyber threat actors,” said Constella Intelligence CEO, Kailash Ambwani.

“As we have seen before, only one exposed employee credential can lead to a company having their systems or supply chain shut down by a data breach leading to a ransomware attack, resulting in a shortage of life-saving supplies.”

Pharma companies are high-value targets for threat actors because of their intellectual property and proprietary information as well as their vital role in developing life-saving treatments. The transition towards remote workforces, driven by the pandemic, amid accelerating operational digitization has increased the overall digital footprint of companies in this sector, leading to greater digital vulnerabilities and risk.

This report uncovers the widespread prevalence of breaches and exposures related to the corporate credentials of employees and executives in the pharma sector, detailing the serious risks emerging from exposed sensitive data that negatively impact customers, employees, executives, brands, public health, and the healthcare system.

Pharma sector breaches and exposures

• Over 4.5M exposed records were identified from nearly 10K breaches and leakages exposing the corporate credentials of employees from the top twenty Global Fortune 500 pharma companies between 2018 and 2021.
• Nearly two-thirds of breaches and leakages in the pharma sector since 2018 include personally identifiable information (PII), with the most common attributes being email, password, name, username, phone number, address, date of birth, and credit card information.
• A sample of 78 executives (C-suite profiles) from top pharma companies found that 58% of executives have had their corporate credentials exposed in a third-party breach or leakage since 2018.
• Approximately 59% of total breaches and 76% of total exposed records identified in the report occurred since 2020, signaling both are escalating in the pharma sector at an alarming rate.