Laboratory testing company LifeLabs says a cyberattack that involved unauthorized access to its computer systems has put the private information of roughly 15 million LifeLabs patients at risk.
LifeLabs released an open letter Dec. 17 addressing the cyberattack, noting customer information, such as name, address, date of birth, login details, email, lab test results and health were allegedly accessed illicitly.
The majority of these customers are in Ontario and British Columbia, and only a small number of customers are in other locations.
In the case of lab test results, the company’s investigations of these systems indicate that 85,000 customers located in Ontario were impacted in or before 2016 and they will be notified directly by LifeLabs. The investigation also indicates that any instance of health card information took place in or before 2016.
While Charles Brown, president and chief executive officer of LifeLabs, says that the organization’s cybersecurity firms have hinted that the risk to the customers in connection with this cyberattack is low, the provinces’ privacy commissioners have been notified and are investigating the matter.
No public disclosure of LifeLabs customer data has been seen as part of the monitoring of online locations including the dark web, he noted in the open letter.
“We have fixed the system issues related to the criminal activity and worked around the clock to put in place additional safeguards to protect your information,” he wrote.
LifeLabs says it has also notified its government partners of this attack.
