LifeLabs, the largest provider of healthcare laboratory testing services in Canada, has suffered a massive data breach that exposed the personal and medical information of nearly 15 million Canadians customers.
The company announced the breach in a press release posted on its website, revealing that an unknown attacker unauthorizedly accessed its computer systems last month and stole customers’ information, including their:
- Email addresses
- Login information
- Passwords, for their LifeLabs account
- Dates of birth
- Health card numbers
- Lab test results
The Toronto-based company discovered the data breach at the end of October, but the press release does not say anything about the identity of the attacker(s) and how they managed to infiltrate its systems.
However, LifeLabs admitted it paid an undisclosed amount of ransom to the hackers to retrieve the stolen data, which indicates that the attack might have been carried out using a ransomware style malware with data exfiltration abilities.
“Retrieving the data by making a payment. We did this in collaboration with experts familiar with cyber-attacks and negotiations with cybercriminals,” the company said while announcing…