In 2019, a ransomware attack hit LifeLabs, a Canadian medical testing company. The ransomware encrypted the lab results of 15 million Canadians, and personally identifiable information (PII) of 8.6 million people was stolen.
After noticing the attack, LifeLabs informed its customers and the Canadian privacy regulators, which immediately announced an investigation. The privacy commissioners of both British Columbia and Ontario finished writing a report about the incident in 2020 but LifeLabs managed to hold that up in court for four years. Now the report is publicly available and some of the findings are both shocking and unsurprising.
Read more…
Source: Malwarebytes Labs
Related:
- British Airways: If you’re feeling left out of our 380,000 passenger hack, then you may be one of another 185,000 victims
October 25, 2018
British Airways’ horror hack is worse than first thought: the world’s favorite airline has added 185,000 cardholders to the pile of 380,000 potentially caught up in the IT security breach. In September, it emerged that hackers spent two weeks slurping the personal and payment card data of people who booked travel via BA’s website and mobile application. As ...
- HealthCare.gov system hack leaves 75,000 individuals exposed
October 20, 2018
A hack was detected earlier this month in a government computer system that works alongside HealthCare.gov, exposing the personal information of approximately 75,000 people, according to the agency in charge of the portal. In a statement to CNN, the Centers for Medicare and Medicaid Services (CMS) said the system that was exposed through the hack was ...
- UK MoD secrets exposed in dozens of cyber security breaches
October 15, 2018
Ministry of Defence secrets were exposed in dozens of breaches of military cyber security policy last year, as hostile nations and spy agencies continue to probe the UK’s defence sector. Heavily redacted reports obtained by Sky News have revealed that the MoD and its partners failed to protect military and defence data in 37 incidents in ...
- The Cybersecurity 202: The U.S. needs a law that requires companies to disclose data breaches quickly, cybersecurity experts say
October 15, 2018
A slight majority of digital security experts surveyed by The Cybersecurity 202 say the United States should follow in the European Union’s footsteps and pass a law that requires companies to disclose data breaches quickly. Europe’s General Data Protection Regulation requires companies with customers in the E.U. to notify regulators of a breach within 72 hours or face a severe ...
- Pentagon discloses card breach
October 13, 2018
Pentagon official said on Friday that the Department of Defense had suffered a security breach thanks to a third-party contractor. An investigation is still underway, so the exact details haven’t been made public, but according to an Associated Press report, a DOD official said that roughly 30,000 DOD military and civilian personnel are believed to be affected. ...
- Facebook mass hack last month was so totally overblown – only 30 million people affected
October 12, 2018
Facebook users can relax and get back to interacting with quality content and authentic individuals on the social network. Last month’s deliberate theft of private account records from the internet giant, initially believed to affect 50 million or maybe 90 million accounts, turns out to be nowhere near that bad. Cough. On Friday, the data-harvesting biz said a mere 30 ...