Another cyberattack on the healthcare sector has put the privacy of millions of users at risk. Recently, a Canadian healthcare firm LifeLabs has disclosed a data breach impacting millions of patients. What’s notable here is that the firm did pay for to recover the data.
LifeLabs Suffered Data Breach
The largest Canadian general diagnostic and specialty laboratory testing services provider LifeLabs has confirmed a cybersecurity incident. Reportedly, LifeLabs suffered a data breach that the data of affected millions of patients.
In an open letter to the customers, the CEO of LifeLabs, Charles Brown, explained the details of the incident. As stated, the incident resulted in the exposure of users’ personal and health-related information to the attackers.
LifeLabs recently identified a cyber-attack that involved unauthorized access to our computer systems with customer information that could include name, address, email, login, passwords, date of birth, health card number and lab test results.
Elaborating further, he mentioned that the incident affected 15 million customers, the majority of whom reside in British Columbia and Ontario. The breached data dates back to 2016 and earlier.
Our investigations to date of these systems indicate that there are 85,000 impacted customers from 2016 or earlier located in Ontario…
Our investigation to date indicates any instance of health card information was from 2016 or earlier.
Security Measures Taken
After noticing the incident, the firm promptly started taking necessary actions to remediate. They engaged cybersecurity experts to resolve the attack. Plus, they also made some payments to recover the lost data. As stated in the letter, one of the steps they took include,
Retrieving the data by making a payment. We did this in collaboration with experts familiar with cyber-attacks and negotiations with cyber criminals.
Though, they didn’t specifically mention a malware attack. Yet, their act of paying to recover data hints it to be a ransomware attack.
Furthermore, they also filed reports to the Office of the Information and Privacy Commissioner of Ontario (OIPC) and the Office of the Information and Privacy Commissioner for British Columbia (IPC).
While the CEO’s letter to the customers does not state the exact date of the incident, the statements from the IPC and OIPC hint that it happened around November 1, 2019.
For now, the CEO has assured that the breach did not adversely affect the security of customers.
I want to emphasize that at this time, our cyber security firms have advised that the risk to our customers in connection with this cyber-attack is low and that they have not seen any public disclosure of customer data as part of their investigations, including monitoring of the dark web and other online locations.
Let us know your thoughts in the comments.