LabCorp, one of the nation’s largest medical diagnostics companies, is investigating a security breach that could have put health records of millions of patients at risk.
The company, in a filing with the Securities and Exchange Commission, says it detected “suspicious activities” on its network over the weekend of July 14 and “immediately took certain systems offline as part of its comprehensive response to contain the activity.”
LabCorp says it has not yet discovered any evidence of the unauthorized transfer or misuse of data it holds. The company added it has notified authorities and will cooperate in any investigation.
“This temporarily affected test processing and customer access to test results on or over the weekend,” the company said. “Work has been ongoing to restore full system functionality as quickly as possible, testing operations have substantially resumed today, and we anticipate that additional systems and functions will be restored through the next several days. Some customers of LabCorp Diagnostics may experience brief delays in receiving results as we complete that process.”
Experts have been sounding an alarm this year to expect additional health care hacks. Late last year, a massive Medicaid hack in Florida exposed sensitive information for 30,000 patients.
Verizon, in a March cybersecurity report, said the biggest threat to the industry wasn’t outside hackers, but people inside companies.
“Health care is the only industry in which internal actors are the biggest threat to an organization,” wrote the report authors. “Often they are driven by financial gain, such as tax fraud or opening lines of credit with stolen information (48 percent); fun or curiosity in looking up the personal records of celebrities or family members (31 percent); or simply convenience (10 percent).”
LabCorp has not said who may be behind the breach.
