In 2019, a ransomware attack hit LifeLabs, a Canadian medical testing company. The ransomware encrypted the lab results of 15 million Canadians, and personally identifiable information (PII) of 8.6 million people was stolen.
After noticing the attack, LifeLabs informed its customers and the Canadian privacy regulators, which immediately announced an investigation. The privacy commissioners of both British Columbia and Ontario finished writing a report about the incident in 2020 but LifeLabs managed to hold that up in court for four years. Now the report is publicly available and some of the findings are both shocking and unsurprising.
Read more…
Source: Malwarebytes Labs
Related:
- Nissan Finance Canada Suffers Data Breach — Notifies 1.13 Million Customers
December 21, 2017
It’s the last month of this year, but possibly not the last data breach report. Nissan warns of a possible data breach of personal information on its customers who financed their vehicles through Nissan Canada Finance and INFINITI Financial Services Canada. Although the company says it does not know precisely how many customers were affected by the ...
- Breaking: Aggressive WordPress Brute Force Attack Campaign Started Today, 3am UTC
December 18, 2017
A massive distributed brute force attack campaign targeting WordPress sites started this morning at 3am Universal Time, 7pm Pacific Time. The attack is broad in that it uses a large number of attacking IPs, and is also deep in that each IP is generating a huge number of attacks. This is the most aggressive campaign ...
- Uber says data breach compromised 380K users in Singapore
December 16, 2017
Uber says an estimated 380,000 users in Singapore were impacted by the 2016 data breach that compromised 58 million accounts globally, but finds no incidents of fraud related to the attack. The ride-sharing operator posted a statement on its website Friday with the update, noting that the figure was “an approximation rather than an accurate and ...
- Imgur—Popular Image Sharing Site Was Hacked In 2014; Passwords Compromised
November 24, 2017
Only after a few days of Uber admitting last year’s data breach of 57 million customers, the popular image sharing site disclosed that it had suffered a major data breach in 2014 that compromised email addresses and passwords of 1.7 million user accounts. In a blog post published on Friday, Imgur claimed that the company had been notified of ...
- Uber concealed huge data breach
November 21, 2017
Uber concealed a hack that affected 57 million customers and drivers, the company has confirmed. The 2016 breach was hidden by the ride-sharing firm which paid hackers $100,000 (£75,000) to delete the data. The company’s former chief executive Travis Kalanick knew about the breach over a year ago, according to Bloomberg, which first broke the news. The hackers ...
- Your biggest threat is inside your organisation and probably didn’t mean it
November 19, 2017
It doesn’t have a super-sexy moniker like KRACK or Heartbleed, but the spectre of the insider threat looms large for organisations, and has done so for as long as electricity, silicon, and computing have been paired up to store information. While it’s easy to imagine a disgruntled, unhappy employee becoming a malicious actor within an organisation, and dumping the ...