Medical testing company LifeLabs failed to protect customer data, report finds


In 2019, a ransomware attack hit LifeLabs, a Canadian medical testing company. The ransomware encrypted the lab results of 15 million Canadians, and personally identifiable information (PII) of 8.6 million people was stolen.

After noticing the attack, LifeLabs informed its customers and the Canadian privacy regulators, which immediately announced an investigation. The privacy commissioners of both British Columbia and Ontario finished writing a report about the incident in 2020 but LifeLabs managed to hold that up in court for four years. Now the report is publicly available and some of the findings are both shocking and unsurprising.

Read more…
Source: Malwarebytes Labs


Sign up for our Newsletter


Related:

  • Superdrug hack: Data thieves claim to have information on 20,000 customers

    August 22, 2018

    Superdrug has been targeted by hackers claiming they had access to tens of thousands of customers’ personal details including dates of birth and phone numbers. The high street chain it had been contacted by someone who claimed that they had obtained the details of approximately 20,000 customers. The company confirmed that 386 of the accounts had been compromised and said ...

  • Apple files stored by teen in ‘hacky hack hack’ folder

    August 17, 2018

    A teenage boy from Australia has pleaded guilty to hacking into Apple’s network and downloading internal files, according to reports. The 16-year-old accessed 90 gigabytes worth of files, breaking into the system many times over the course of a year from his suburban home in Melbourne, reports The Age newspaper. It says he stored the documents in a ...

  • Singapore’s Largest Healthcare Group Hacked, 1.5 Million Patient Records Stolen

    July 20, 2018

    Singapore’s largest healthcare group, SingHealth, has suffered a massive data breach that allowed hackers to snatch personal information on 1.5 million patients who visited SingHealth clinics between May 2015 and July 2018. SingHealth is the largest healthcare group in Singapore with 2 tertiary hospitals, 5 national specialty , and eight polyclinics. According to an advisory released by Singapore’s Ministry ...

  • Timehop breach hits 21 million users due to a lack of 2FA on cloud services

    July 9, 2018

    Timehop, a service that surfaces a user’s past social media content, has revealed a security breach that hit the company on July 4, and resulted in a database of 21 million users hit. As a result, the company has voided all social media authorisation tokens it held, and is alerting its users. Around 4.7 million phone numbers were breached, ...

  • Fortnum & Mason data breach: 23,000 customers’ details accessed

    July 3, 2018

    The data of thousands of Fortnum & Mason customers, including addresses and contact phone numbers, has been accessed after a breach on a form on its website. The 310-year-old food shop, known as the “Queen’s grocer”, has become the latest company to fall victim to an attack. About 23,000 people who filled out a survey or took ...

  • Adidas US breach may have exposed millions of customers’ personal info

    June 29, 2018

    Adidas warned late on Thursday that hackers may have lifted customer data from its US website. The sportswear maker said personal data, including contact information (addresses and email addresses), and encrypted passwords may have fallen into the hands of criminals, but was able to reassure customers that neither financial nor fitness information was at risk. Read more… Source: The Register