Hackers steal records on 15M Canadians, demand ransom
The names, addresses, passwords and healthcare records of around 15 million Canadians may have been breached in a cyberattack on LifeLabs, the country's largest independent healthcare clinic, the company said on Dec. 18.
That is about 40 percent of the population of Canada, and most of the clients affected live in the provinces of Ontario and British Columbia.
The hackers demanded a ransom, and LifeLabs said it is working to get back the stolen information by making a payment.
“There is information relating to approximately 15 million customers on the computer systems that were potentially accessed in this breach,” LifeLabs president Charles Brown said in an open letter posted on the company's website.
“I am deeply concerned about this matter,” said Michael McEvoy, the privacy commissioner of British Columbia, in a news release.
“The breach of sensitive personal health information can be devastating to those who are affected.”
Through a system of laboratories across the country, LifeLabs conducts about 112 million blood tests a year.
In the open letter, Brown apologized for the breach and listed the steps LifeLabs has instituted to correct the situation.
They include hiring “world-class cybersecurity experts to isolate and secure the affected systems” and “further strengthening our systems to deter future incidents.”
Brown said the company will also offer “security protection services.”
“Any customer who is concerned about this incident can receive one free year of protection that includes dark web (cyber) monitoring and identity theft insurance,” he said in the letter.
While news of the breach was just made public by the company on Dec. 18, it is believed the attack took place on Nov. 1.