Skip to content

Illustration by Security Management

Pharmacist Tampers with 500 Doses of Vaccine

A Wisconsin pharmacist is accused of intentionally sabotaging more than 500 doses of the COVID-19 vaccine last month, deliberately leaving 57 vials of the Moderna vaccine out of refrigeration overnight twice. This potentially rendered all 57 vials useless, and healthcare workers were forced to discard the doses and inform 57 people that the vaccines they had received may have been ineffective, NPR reports.

At first, hospital officials said they believed that the vials had been left out inadvertently, but investigations uncovered that the act was intentional. The pharmacist, Steven Brandenburg, told police that he believed the vaccine was hazardous to people and could “change their DNA,” The New York Times reports. Although the doses are sometimes described as a “genetic vaccine,” they do not alter the recipient’s DNA.

Brandenburg was arrested on felony charges of reckless endangerment and property damage. The FBI and U.S. Food and Drug Administration are also investigating. He has since been fired.

An admitted conspiracy theorist, Brandenburg had raised multiple red flags at work—the 46-year-old is in the middle of a divorce, and a fellow employee at Advocate Aurora Health had reported that Brandenburg had taken a gun to work twice. Brandenburg’s wife said in an affidavit that she was concerned about his reaction to being fired, and during recent weeks, he had been making alarming statements.

“He told me that if I didn’t understand by now that he is right and that the world is crashing down around us, I am in serious denial,” Gretchen Brandenburg said in an affidavit. “He continued to say that the government is planning cyberattacks and plans to shut down the power grid.”

The president of the Aurora Health Care Medical Group, Jeff Bahr, defended the hospital system’s protocols last week, saying that this issue involved a bad actor, not a bad process. Bad actors can have an outsized impact on risk, however, especially in a high-stakes environment like pharmaceuticals and healthcare.

“Experience has taught us that bad actors in pharmaceutical and healthcare environments can be mitigated against with good processes,” says Mark Giuffre, CPP, director at Hillard Heintze. “Secret storage locations, security cameras, tracking systems, and restricted access primarily address external threats. Good processes to confront insider threats are more important now, with the vaccines, than ever before. This includes strict adherence to ‘rule of two’ protocols mandating that at least two people be physically present to conduct, witness, and certify every single activity involving contact with vaccine supplies. In addition, programs of enhanced monitoring of key personnel should be implemented.”

More on security strategies for pharmaceutical operations is available in Giuffre’s September 2020 Security Management article, “Drug Diversion and Loss Prevention: A Changing Landscape.”

“There were a number of red flags regarding this pharmacist that may have warranted increased monitoring by program managers,” Giuffre adds. “Ongoing, updated due diligence regarding key personnel can identify, assess, and, where appropriate, lead to mitigation of insider threats regarding the vaccines.”

Val LeTellier, a member of the ASIS Defense and Intelligence Community’s Insider Threat Working Group, agrees.

“This case underlines the value of knowing your employees; particularly those in positions of authority, trust and sensitivity,” he says. “Mr. Brandenburg’s self-destructive temperament and forward movement along the insider threat kill chain was recognizable and could have been addressed, if his managers and colleagues were properly trained. This case also underlines that root causes can result in a variety of insider action; the guns brought into the workplace could have been used violently. Regular engagement and continuous evaluation—enabled by public data—can help identify critical events impacting their employees and provide the opportunity for positive intervention.”

More guidance about insider threat risks and mitigation is available to ASIS members in an exclusive eBook, Protecting Your Company from Insider Threats (Login required).