THUNDER BAY – A cyberattack may have exposed the personal information of up to 15 million LifeLabs customers in Ontario and British Columbia, including patients in Thunder Bay.
LifeLabs, a general diagnostic and specialty laboratory test service that has three offices in Thunder Bay, told the Office of the Information and Privacy Commissioner of Ontario, as well as the Office of the Information and Privacy Commissioner for British Columbia on Nov. 1 about the breach and potential cyberattack.
The possible breach could have exposed information, including names, addresses, emails, customer log-ins and passwords, health card numbers and lab test results, for patients in 2016 or prior.
According to the privacy commissioner, the company reported that cyber criminals hacked into their systems, extracting data while demanding a ransom.
Outside cybersecurity consultants were retained to investigate and assist with restoration and security of the stolen data.
The two government organizations say they plan to investigate the scope of the breach, what led to it and what measures LifeLabs could have taken to prevent or contain the breach.
"An attack of this scale is extremely troubling. I know it will be very distressing to those who may have been affected. This should serve as a reminder to all institutions, large and small, to be vigilant," said Brian Beamish, Information and Privacy Commissioner of Ontario, in a release issued on Tuesday. "Cyberattacks are growing criminal phenomena and perpetrators are becoming increasingly sophisticated. Public institutions and healthcare organizations are ultimately responsible for ensuring that any personal information in their custody and control is secure and protected at all times."
A dedicated phone line, accessible at 1-888-918-0467, has been set up for customers affected by the breach. Customers can also visit www.customernotice.lifelabs.com for more information.
