Drugmakers and legislators want an outside audit of the FDA's hacking incident

[InfoSec News <alerts () infosecnews org>]

http://www.fiercepharma.com/story/drugmakers-want-outside-audit-fdas-hacking-incident/2013-12-18#ixzz2nuNgZ0UQ

By Eric Palmer
FiercePharma
December 18, 2013

Hackers got into FDA computer systems recently, prompting the agency to warn 
drugmakers to be on the lookout for misuse of their credit and to change their 
passwords. But some drugmakers fear the breach will also put their trade 
secrets--clinical trial data and manufacturing processes--at risk.

Trade associations and some legislators are now urging the FDA to let outside 
professionals analyze the attack and determine for sure what was taken, Reuters 
reports. In a letter to FDA Commissioner Margaret Hamburg, 5 members of 
Congress asked her to have an audit performed to "assess and ensure the 
adequacy of FDA's corrective actions."

The letter says the FDA notification to drugmakers suggests data were not 
encrypted. It also claims hackers had wormed their way into the "FDA's gateway 
system," allowing them access to confidential business information and 
sensitive data on trial participants. The FDA says that just isn't so. FDA 
spokeswoman Jennifer Rodriguez told Reuters the system that was attacked 
maintains account information for the Biological Product Deviation Reporting 
System, the Electronic Blood Establishment Registration System and the Human 
Cell and Tissue Establishment Registration System. "This system is not used to 
submit any applications. It is not the electronic gateway that was breached."

[...]



--
Find the best InfoSec talent without breaking your
IT recruiting budget! Save 50 percent off our normal
rate by using the discount code - XMAS2013
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/