"92% of Pharmaceutical Companies Have at Least One Exposed Database"

Researchers from Reposify analyzed eighteen leading pharmaceutical companies and their nine hundred plus subsidiaries worldwide to assess the prevalence of exposures of services, sensitive platforms, unpatched CVEs, and other security issues. Their results were published in a report called "Pharmaceutical Industry Attack Surface Exposures Report." The researchers found that 92% of pharmaceutical companies had at least one exposed database with potential data leakage. The researchers also found that 46% of pharmaceutical companies had an exposed SMB service. SMB exposures were previously exploited in other infamous attacks, like WannaCry, NotPetya and Nachi and Blaster worms. In 70% of pharmaceutical M&A deals in 2020 that were analyzed, the newly acquired subsidiary had a negative impact on the parent company's security posture, usually adding tens, in some cases, hundreds of sensitive exposed and unpatched services.

Help Net Security reports: "92% of Pharmaceutical Companies Have at Least One Exposed Database"