The personal information of 15 million Canadians may have been exposed after a company that performs diagnostic, naturopathic, and genetic tests had its computer systems hacked.
LifeLabs announced the breach on its website, saying it discovered the hack through proactive surveillance.
The company says it paid a ransom in order to secure the data, including test results from 85,000 Ontarians. It says that the majority of affected customers are from B.C. and Ontario, and the breach was discovered at the end of October.
The compromised test results were from 2016 and earlier and LifeLabs says there is no evidence that results were accessed in other provinces aside from Ontario, it was reported.
In response, Javvad Malik, security awareness advocate at KnowBe4 comments:
“There are few details available at the moment, so it’s difficult to say how the breach occurred. All that we know at the moment is that an unauthorised third party managed to gain access to a large dataset of customer information.
It looks like the criminals were successfully able to extort money from LifeLabs, but paying criminals is no guarantee they won’t re-sell the data, or use it to compromise users further. So customers should be wary of any emails they receive, particularly ones which may claim to be from LifeLabs.
Additionally, customers should take advantage of any identity theft protection that is offered and keep an eye on their credit records. “