Millions of Health Records at Risk After LabCorp Doubted Breach

July 20, 2018

 

LabCorp, a healthcare diagnostics firm, has closed down its systems after a doubted network breach, which might have put millions of health files at risk. 

In a statement to the United States Securities and Exchange Commission, the firm declared that during the weekend of July 14, 2018 it had noticed doubtful activity on its IT network and instantly took particular systems off. The firm stated that the doubtful activity has been noticed only on LabCorp Diagnostic systems, and that “there was no sign that it affected systems utilized by Covance Drug Development.”

LabCorp supplies diagnostic, drug development and technology-enabled solutions for over 115 million patients per year, as per its website. It usually handles tests on over 2.5 million patient samples per week and helps clinical trial activity in about 100 countries. It has more than 1900 patient service centers in the United States. 

The filling itself doesn’t go into detail as to which systems might have been affected, however, worries over patient data are correct. In August 2017, the NHS experienced a data breach where 1.2 million patient names were hacked, and another breach which led to 655,000 patient records from three hacked healthcare suppliers being sold. 

As per Healthcare IT News, in June 2018 LabCorp successfully won a court battle over a suspected HIPAA breach and was charged with not providing sufficient secrecy protection at its Providence Hospital computer intake system. LabCorp contended an individual cannot bring a litigation under HIPAA and filed a motion to sack. The judge approved.

HIPAA has also circulated that there have been 2181 healthcare data breaches since 2009, the biggest being Anthem Inc. which had 78.8 million files thieved from a database hack.  

“We take it for granted that physicians and medical experts will have full access to our health summaries and background… nevertheless the very type of this access, and the huge amount of information maintained within the healthcare industry, make it a main and lucrative target for offenders,” penned Suzanne Widup, senior expert, Verizon Security, back in March 2018. “Knowing which safety dangers are out there, and what measures to take to proactively avoid safety occurrences is crucial if private healthcare information is to be kept secure.”

Although it has not been verified by LabCorp who is at the back of the doubted attack, Verizon’s 2018 PHI Data Breach Report emphasized that healthcare was the lone industry in which internal actors were the largest danger to an organization, driven by financial advantage or looking up private files of superstars.