LabCorp Data Breach Put Millions at Risk

LabCorp Data Breach Put Millions at Risk

Millions of personal data records are vulnerable after a breach was detected at LabCorp.

  • By Sydny Shepard
  • Jul 19, 2018

LabCorp, one of the nation's largest medical diagnostic companies, is investigating a security breach that could have put health records of millions of patients at risk.

The company, in a filing with the Securities and Exchange Commission, said it detected "suspicious activities" on its network over the weekend of July 14 and "immediately took certain systems offline as part of its comprehensive response to contain the activity."

Security Today talked with CipherCloud CEO Pravin Kothari about the breach.

"The LabCorp data breach is yet another heavy blow in the continued assault on healthcare," Kothari said. "Consider that LabCorp is one of the largest diagnostic laboratories in the world, and, as you may not be aware, is a very critical part of U.S. healthcare infrastructure. They have hundreds of networked labs across the United States and all of them are likely interconnected centrally with LabCorp headquarters. This may be one of the largest healthcare networks in the world with connections to many thousands of physician offices, hospitals and their testing facility offices worldwide."

According to the company, they shut down their entire network while determining the extent of the breach.

"Taking this preventive action may be warranted especially if they are shutting down to stop the propagation of a targeted ransomware attack and the possible destruction of patient laboratory data," Kothari said. "LabCorp connects electronically to many physician electronic medical record/electronic healthcare record (EMR/EHR) systems to both receive requests from physicians for patient testing, and then to return the results. Results are sometimes stored and sent using digital data, and other times using digital images of the test requests and test results. These systems also still work and interconnect with facsimile machines present in physician offices."

LabCorp says it has not yet detected any evidence of the unauthorized transfer or misuse of data that it stores. The company added it has notified authorities and will cooperate in any investigation.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

Most   Popular

New Products

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.