Medical testing company LifeLabs failed to protect customer data, report finds


In 2019, a ransomware attack hit LifeLabs, a Canadian medical testing company. The ransomware encrypted the lab results of 15 million Canadians, and personally identifiable information (PII) of 8.6 million people was stolen.

After noticing the attack, LifeLabs informed its customers and the Canadian privacy regulators, which immediately announced an investigation. The privacy commissioners of both British Columbia and Ontario finished writing a report about the incident in 2020 but LifeLabs managed to hold that up in court for four years. Now the report is publicly available and some of the findings are both shocking and unsurprising.

Read more…
Source: Malwarebytes Labs


Sign up for our Newsletter


Related:

  • Dixons Carphone prepare for backlash following data breach

    June 21, 2018

    Firm faces possible fine under GDPR after data breach went undetected Dixons Carphone faces further woes as its full-year earnings were hit, as it battle against the backlash of a serious cyber breach revealed last week. Falling gross profits and a plummeting share price were expected as the investigation continues into the data breach that compromised ...

  • Yahoo fined £250,000 by UK watchdog over data breach

    June 13, 2018

    The UK Information Commissioner’s Office (ICO) has fined Yahoo £250,000 over a data breach which occurred in 2014. The data breach resulted in the theft of at least 500 million records. It is believed that names, email addresses, telephone numbers, dates of birth, hashed passwords, and some “encrypted or unencrypted security questions and answers” were compromised. Yahoo has ...

  • MyHeritage Says Over 92 Million User Accounts Have Been Compromised

    June 5, 2018

    MyHeritage, the Israel-based DNA testing service designed to investigate family history, has disclosed that the company website was breached last year by unknown attackers, who stole login credentials of its more than 92 million customers. The company learned about the breach on June 4, 2018, after an unnamed security researcher discovered a database file named “myheritage” ...

  • ID theft in UK hits record high as crooks shift to more vulnerable targets

    April 18, 2018

    Identity fraud in Blighty hit a record high of 174,523 incidents last year – and the vast majority of it happened online. According to the latest report by fraud prevention service Cifas, ID theft rose 1 per cent on last year. However, that is an increase of 125 per cent on 2007, the Fraudscape (PDF) report shows. Read more… Source: The ...

  • Company insiders behind 1 in 4 data breaches – study

    April 10, 2018

    The admins among you will be unsurprised to discover that, more than a quarter of the time, data breaches across the world originated between the chair and the keyboard of organisation “insiders”. And no, we don’t mean they clicked on a dodgy link… The latest edition of Verizon’s Data Breach Investigations Report (DBIR) found that 25 ...

  • Delta Confirms Breach Of Customer Payment Details

    April 5, 2018

    Hackers have had access to Delta customer payment data for over six months after third party breach US airline Delta Air Lines and American department store Sears Holding have both confirmed a data breach, after an incident involving a third party tech provider. Delta said that it was notified last week by 7.ai, a company that provides online chat ...