LabCorp Data Breach Put Millions at Risk

LabCorp Data Breach Put Millions at Risk

Millions of personal data records are vulnerable after a breach was detected at LabCorp.

LabCorp, one of the nation's largest medical diagnostic companies, is investigating a security breach that could have put health records of millions of patients at risk.

The company, in a filing with the Securities and Exchange Commission, said it detected "suspicious activities" on its network over the weekend of July 14 and "immediately took certain systems offline as part of its comprehensive response to contain the activity."

Security Today talked with CipherCloud CEO Pravin Kothari about the breach.

"The LabCorp data breach is yet another heavy blow in the continued assault on healthcare," Kothari said. "Consider that LabCorp is one of the largest diagnostic laboratories in the world, and, as you may not be aware, is a very critical part of U.S. healthcare infrastructure. They have hundreds of networked labs across the United States and all of them are likely interconnected centrally with LabCorp headquarters. This may be one of the largest healthcare networks in the world with connections to many thousands of physician offices, hospitals and their testing facility offices worldwide."

According to the company, they shut down their entire network while determining the extent of the breach.

"Taking this preventive action may be warranted especially if they are shutting down to stop the propagation of a targeted ransomware attack and the possible destruction of patient laboratory data," Kothari said. "LabCorp connects electronically to many physician electronic medical record/electronic healthcare record (EMR/EHR) systems to both receive requests from physicians for patient testing, and then to return the results. Results are sometimes stored and sent using digital data, and other times using digital images of the test requests and test results. These systems also still work and interconnect with facsimile machines present in physician offices."

LabCorp says it has not yet detected any evidence of the unauthorized transfer or misuse of data that it stores. The company added it has notified authorities and will cooperate in any investigation.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

New Products

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.