In 2019, a ransomware attack hit LifeLabs, a Canadian medical testing company. The ransomware encrypted the lab results of 15 million Canadians, and personally identifiable information (PII) of 8.6 million people was stolen.
After noticing the attack, LifeLabs informed its customers and the Canadian privacy regulators, which immediately announced an investigation. The privacy commissioners of both British Columbia and Ontario finished writing a report about the incident in 2020 but LifeLabs managed to hold that up in court for four years. Now the report is publicly available and some of the findings are both shocking and unsurprising.
Read more…
Source: Malwarebytes Labs
Related:
- Data breach leaks a whopping 2.7 billion records inclusing smartphone and Wi-Fi info
February 16, 2025
A huge data breach has resulted in the leak of 2.7 billion records belonging to China’s Mars Hydro. The company is involved in indoor growing and hydroponics which is the process of growing plants without soil. The company offers LED grow lights, grow tents, and other products. Because many of the products it offers are controlled ...
- Zacks Investment hit in data breach – 12 million users potentially at risk
February 14, 2025
A report by BleepingComputer cites a thread posted on an underground hacking forum claiming to have breached Zacks in June 2024, gaining sensitive information on 12 million people, including names, usernames, email addresses, postal addresses, and phone numbers. The forum thread contained a small sample, and an offer for the entire batch in exchange for a ...
- Grubhub confirms data breach, both drivers and customers are affected
February 4, 2025
Grubhub, the food delivery service, has been hacked. On Monday, the company confirmed a data breach that affects both its drivers and customers. According to Grubhub, the malicious actor was able to gain entry into its systems via a third-party vendor that provides services for Grubhub’s support team. The hacker was able to access private information connected ...
- Deloitte to provide Rhode Island $5 million toward data breach aftermath expense
February 4, 2025
Deloitte will provide Rhode Island with $5 million to go toward paying expenses related to the RIBridges data breach that took place in December of 2024. Separately, Deloitte will also cover the cost of the data breach call center, credit monitoring for affected Rhode Islanders and identity protection, according to a statement from Rhode Island Governor ...
- DeepSeek leaks one million sensitive records in a major data breach
January 30, 2025
A New York-based cybersecurity firm, Wiz, has uncovered a critical security lapse at DeepSeek, a rising Chinese AI startup, revealing a cache of sensitive data openly accessible on the internet. According to a report published by Wiz, the exposed data included over a million lines of log entries, digital software keys, backend details, and user chat ...
- Smiths Group: Shares fall as engineering giant hit by cyber attack
January 28, 2025
Global engineering firm Smiths Group has reported a cyber security incident involving unauthorised access to its systems. Upon detecting the breach, the firm promptly isolated the affected systems and activated its business continuity plans to mitigate disruptions. The company, known for its baggage screening equipment and explosive detectors, is collaborating with cyber-security experts to restore the ...