In 2019, a ransomware attack hit LifeLabs, a Canadian medical testing company. The ransomware encrypted the lab results of 15 million Canadians, and personally identifiable information (PII) of 8.6 million people was stolen.
After noticing the attack, LifeLabs informed its customers and the Canadian privacy regulators, which immediately announced an investigation. The privacy commissioners of both British Columbia and Ontario finished writing a report about the incident in 2020 but LifeLabs managed to hold that up in court for four years. Now the report is publicly available and some of the findings are both shocking and unsurprising.
Read more…
Source: Malwarebytes Labs
Related:
- Broadcom hit by employee data theft after breach in supply chain
May 19, 2025
Customers of the global semiconductor giant Broadcom have had their sensitive data leaked on the dark web after a two-step supply chain attack. Apparently, a company called Business Systems House (BSH), a human capital management (HCM) services provider from the Middle East, suffered a ransomware attack in September 2024, in which a group known as El ...
- Cocospy stalkerware apps go offline after data breach
May 19, 2025
A trio of phone surveillance apps, which was caught spying on millions of people’s phones earlier this year, has gone offline. Cocospy, Spyic, and Spyzie were three near-identical but differently branded stalkerware apps that allowed the person planting one of the apps on a target’s phone access to their personal data — including their messages, photos, ...
- UK: Legal Aid database hacked, ‘significant amount’ of data and criminal records stolen
May 19, 2025
The UK’s Ministry of Justice (MoJ) has revealed that a cyberattack on the Legal Aid system has led to the theft of a “significant amount” of data, including criminal records. The MoJ was alerted to the attack on April 23 when data dating back as far as 2010 was accessed by the attackers. Earlier this month, ...
- Fashion giant Dior confirms customer data accessed in cyber attack
May 15, 2025
Luxury French fashion brand Dior is the latest high-profile retail firm to be hit by a cyber attack. In a statement, Dior said customer data was accessed as a result, however, no financial information was impacted. The incident comes in the wake of a number of UK retailers, including Marks and Spencer and Co-op, being hit ...
- Coinbase warns of $400m hit after data breach
May 15, 2025
Crypto exchange Coinbase has disclosed a significant cyber attack that could cost the company between $180m (£135m) and $400m (£300m), after hackers breached account data belonging to a “small subset” of its users. The news sent shares down three per cent in pre-market trading on Thursday. Coinbase said it received an email from an unknown threat ...
- Ransomware group Lockbit appears to have been hacked
May 8, 2025
The ransom-seeking cybercriminals behind the extortion group Lockbit appear to have suffered a breach of their own, according to a rogue post to one of the group’s websites and security analysts who follow the gang. On Wednesday one of Lockbit’s darkweb sites was replaced with a message saying, “Don’t do crime CRIME IS BAD xoxo from ...