Canadian laboratory test provider LifeLabs reveals the personal information and potentially other information such as names, logins, passwords, dates of births and health card numbers of an unknown number of the company’s 15 million Canadian customers may have been stolen in a data breach known to the company sometimes in October 2019.
There is also possibility that laboratory test results for up to 85,000 Ontarians (from 2016 or earlier) also were stolen in a hacker attack. The company states that measures has been taken to secure the stolen data, including but not limited to retrieving the data by making a payment to the hacker or hackers.
LifeLabs is one of the largest providers of laboratory test and diagnostic testing stated in an open letter to its customers including that the majority of its operations are in Ontario and British Columbia.
Can’t guarantee copying of Data
In the open letter to Lifelabs customers the CEO of the company said that the risk to customers from the data breach is low as he has been told by cybersecurity firms that was commissioned. Despite LifeLabs saying it paid the ransom, there are no guarantees the data won’t show up on the dark web or other online locations as it is virtually impossible to control these terms with hackers.
Basically neither Lifelabs nor any other party can guarantee that stolen data is not copied as it is too soon to see the hacked data to appear on the dark web or other online locations.
This is another reminder for health care providers, specially those who handle sensitive customer information to take the web security seriously by hiring cybersecurity experts to help with developing plans to reduce or mitigate the impact of hacker attacks.