FTC settles with Eli Lilly over security lapse

The U.S. Federal Trade Commission (FTC) said Friday that it settled with pharmaceutical maker Eli Lilly and Co. for revealing sensitive personal information that the company collected over its Prozac.com Web site.

The FTC required Eli Lilly to tighten its security program and institute more rigorous personnel training after the company sent an e-mail to members of its "Medi-messenger" e-mail reminder service that disclosed the addresses of all 699 subscribers to the service. Medi-messenger was being used on the Prozac.com site to remind users when to take or refill prescriptions to the antidepression drug Prozac.

"Companies that obtain sensitive information in exchange for a promise to keep it confidential must take appropriate steps to ensure the security of that information," J. Howard Beales, III, director of the FTC's Bureau of Consumer Protection said in a statement.

The security snafu occurred last June 27 when an employee of the drug maker created a new computer program to access Medi-messenger's e-mail subscriber list. The employee then sent an e-mail to subscribers that contained all the recipients' addresses in the "To" field.

News source: ITworld - FTC settles with Eli Lilly over security lapse

Previous Story
Intel moves on new mobile chips
Next Story
Trust me, I'm From Microsoft