Ferring Pharmaceuticals Data Breach Leaks Social Security Numbers

Ferring Pharmaceuticals Inc. recently experienced a data breach stemming from a phishing attack. On October 16, 2024, the company discovered suspicious activity linked to an employee's email account.

Upon investigation, it was determined that unauthorized access to the account may have exposed sensitive personal information. The breach was disclosed to the Massachusetts Attorney General's office on December 5, 2024, and impacted at least two individuals in the state.

The compromised data included:

• Names
• Social Security numbers
• Work profile details, such as job history, current projects, and education profiles

The breach occurred when a phishing attack successfully targeted an employee's email account. This type of cyberattack typically involves tricking individuals into providing sensitive information or granting access to systems by posing as a legitimate entity. While the exact scope of the breach is still being assessed, the exposure of Social Security numbers and work-related details makes this incident particularly concerning.

You can review the official disclosure submitted to the Massachusetts Attorney General's office.

Ferring Pharmaceuticals' response

Ferring Pharmaceuticals acted promptly upon discovering the breach. The company immediately implemented a forced password reset for the affected email account and secured its email environment. A comprehensive internal investigation was launched to determine the extent of the breach, the specific data involved, and the individuals impacted. This review process concluded on October 28, 2024.

To mitigate the impact of the breach, Ferring Pharmaceuticals is offering affected individuals 18 months of complimentary identity protection services through Allstate Identity Protection's Pro+ Cyber plan. This service includes tri-bureau credit monitoring, dark web monitoring, financial transaction monitoring, and identity theft expense reimbursement of up to $1 million, among other features. Affected individuals will receive further instructions via email and mail regarding how to activate their identity protection benefits.

Steps to take if you are affected by the data breach

If you believe you may have been impacted by the Ferring Pharmaceuticals data breach, it is essential to take the following steps to protect your personal information:

1. Monitor your financial accounts and credit reports: Regularly review your bank statements, credit card activity, and credit reports for unauthorized transactions or suspicious activity. You can obtain a free credit report annually from each of the three major credit reporting agencies at AnnualCreditReport.com.
2. Place a fraud alert on your credit file: A fraud alert notifies creditors to verify your identity before opening new accounts in your name. Contact one of the three major credit reporting agencies—Equifax, Experian, or TransUnion—to place a free fraud alert.
3. Consider a security freeze: A security freeze restricts access to your credit file, preventing new accounts from being opened without your authorization. This is particularly useful if you suspect your Social Security number has been compromised.
4. Enroll in the free identity protection service: Take advantage of the complimentary 18-month Allstate Identity Protection Pro+ Cyber® plan offered by Ferring Pharmaceuticals. This service provides robust monitoring and support to help safeguard your identity.
5. Report suspicious activity: If you notice any signs of identity theft, such as unauthorized transactions or accounts opened in your name, report it immediately to your financial institution, local law enforcement, and the Federal Trade Commission (FTC) at ReportFraud.ftc.gov.
6. Stay vigilant: Be cautious of phishing emails or phone calls requesting personal information. Always verify the legitimacy of communications before responding or providing sensitive details.