Skip to main content
close search
site logo

LabCorp Hit by Ransomware But No Data Stolen

Published July 20, 2018
By Matthew Heller

LabCorp, one of the largest medical diagnostics companies in the United States, has disclosed it was hit by a ransomware attack, highlighting the vulnerability of health organizations to data breaches.

LabCorp first reported the breach on Monday, saying in a regulatory filing that it had detected suspicious activity on its IT network and had in response taken certain systems offline to limit any damage.

On Thursday, the company said the attack came in the form of ransomware but it had found “no evidence of theft or misuse of data.” LabCorp processes more than 2.5 million tests each week and sees more than 115 million patients annually.

“As part of our in-depth and ongoing investigation into this incident, LabCorp has engaged outside security experts and is working with authorities, including law enforcement,” it stated.

LabCorp declined to say what variant of ransomware was used in the breach. But The Wall Street Journal identified the culprit as SamSam, the same strain that attacked the city of Atlanta’s IT network in March.

“SamSam will effectively lock down a computer, encrypting all the files inside, and then demand the victim pay up to free the system,” PCMag said.

The disclosure earlier this year of a Florida Medicaid breach prompted the FBI to issue warnings that there is an increased risk of attacks to healthcare organizations. “Given the nature of the sensitive information available, health records may be worth more when sold on the dark web, and a Verizon Data Breach report revealed that 72 percent of all healthcare attacks were ransomware,” Digital Trends said.

Forbes suggested LabCorp is a particularly inviting target for hackers since it “sits on countless gigabytes of irreplaceable patient data that could be locked away by ransomware. It also has very deep pockets. Hackers could be hoping that LabCorp would rather pay a few hundred thousand dollars to make the problem go away rather than spending millions on other measures.”

Remediation costs for even a relatively small ransomware outbreak can be steep. IBM has estimated the average cost for a business to be around $3.86 million in 2017.

Filed Under: Technology

Editors' pick

  • Calendar
    Image attribution tooltip
    Misha Shutkevych via Getty Images
    Image attribution tooltip
    Tracker

    CFO Annual Conferences and Events Tracker

    CFO’s annual conference and events calendar tracker ensures finance executives know about the most essential in-person events.

    By CFO Editorial Team • Updated 23 hours ago

Company Announcements

View all | Post a press release
Wealth Inequality the Result of Pure Randomness, Tufts University Study Suggests
From Society for Industrial and Applied Mathematics
November 21, 2023

Want to share a company announcement with your peers?

Get started

Read next
  • Calendar
    Image attribution tooltip
    Misha Shutkevych via Getty Images
    Image attribution tooltip
    Tracker

    CFO Annual Conferences and Events Tracker

    CFO’s annual conference and events calendar tracker ensures finance executives know about the most essential in-person events.

    By CFO Editorial Team • Updated 23 hours ago
Latest in Technology
image/svg+xml
Industry Dive is an Informa business
© 2023 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell