LabCorp Probing Probable Data Breach

July 19, 2018


LabCorp, one of the world’s biggest clinical testing laboratories, has suffered a cyberattack that has possibly led to the health data of millions of patients being retrieved by hackers.

The cyberattack was noticed over the weekend of July 14, when strange activity was noticed on its Diagnostics systems. The IT safety team took swift action and began closing down systems to restrict the attack. Some of those systems are even now offline as efforts continue to probe the breach, decide its scope, and find out whether access to health data was acquired by the attackers.

LabCorp manages 36 testing services all over the United States, manages the National Genetics Institute in Los Angeles, and heads up medication development programs, and helps medical tests in 100 countries. The firm saves a substantial volume of patient data including private information and test results. LabCorp manages the test results of over 2.5 million patients every week and checks 115 million patient meetings each year. If access to data was obtained, this might be one of the gravest breaches of 2018 to date.

At this time it is uncertain if, and how many, patients have been impacted. As per a statement issued by LabCorp, the cyberattack involved an earlier unidentified ransomware variation. Ransomware usually encrypts files but doesn’t involve data exfiltration.

LabCorp responded quickly to the attack and applied its emergency procedures to restrict the possibility of data theft and harm. The Securities and Exchange Commission (SEC) has already been informed about the breach even though, at the time of writing, no notification has been published on its corporate website.

In its SEC recording, the firm described that specific systems had been closed to restrict the attack. “This provisionally affected test handling and customer access to test results on or over the weekend. Work has been continuing to reestablish complete system functionality as rapidly as possible, testing jobs have significantly resumed, and we expect that other functions and systems will be reestablished through the next several days.”

At this time, no proof has been found to indicate any patient data or other confidential information has been moved from its servers, and neither has there been any details of data abuse. Law enforcement has been informed about the attack and other suitable authorities have been notified.

LabCorp said the doubtful activity was noticed on LabCorp Diagnostics systems, and not any systems used by Covance Drug Development.

Should patient data access be doubted, LabCorp will release notices to affected people as per HIPAA Laws.