LifeLabs retrieves personal data of 15 million customers with payment to cyber criminals

Get The Scoop Muskoka! Subscribe to Muskoka Post and our digital newsstand will make its way directly to your inbox. No registration required with zero article limits. Read to your heart's content and get the latest scoop with our Muskoka content.

LifeLabs customers, 15 million of them, have had their personal information breached and compromised.

On Dec. 17 the company announced the identified cyber-attack which involved unauthorized access to computer systems with customer information that could include name, address, email, login, passwords, date of birth, health card number and lab test results.

Charles Brown, LifeLabs President and CEO, issued an apology in a statement posted to the company’s site.

”I want to say I am sorry that this happened. As we manage through this issue, my team and I remain focused on the best interests of our customers. You entrust us with important health information, and we take that responsibility very seriously,“ he wrote.

According to their website each year LifeLabs performs over 112 million laboratory tests to help diagnose, treat, monitor and prevent diseases for millions of Canadians. The company does standard lab testing as well as genetic and naturopathic testing.

The company has engaged world-class cyber security experts to isolate and secure the affected systems and determine the scope of the breach. Other protection measures included; Further strengthening systems to deter future incidents and retrieving the data by making a payment.

“We did this in collaboration with experts familiar with cyber-attacks and negotiations with cyber criminals. Engaging with law enforcement, who are currently investigating the matter,” said Brown.

Brown emphasized that the company’s cyber security firms have advised that the risk to customers in connection with this cyber-attack is low and that they have not seen any public disclosure of customer data as part of their investigations, including monitoring of the dark web and other online locations.

In his statement Brown also said that system issues related to criminal activity have been “fixed and further safeguards have been implemented.“

”In the interest of transparency and as required by privacy regulations, we are making this announcement to notify all customers. There is information relating to approximately 15 million customers on the computer systems that were potentially accessed in this breach. The vast majority of these customers are in B.C. and Ontario, with relatively few customers in other locations. In the case of lab test results, our investigations to date of these systems indicate that there are 85,000 impacted customers from 2016 or earlier located in Ontario; we will be working to notify these customers directly. Our investigation to date indicates any instance of health card information was from 2016 or earlier,” he wrote.

LifeLabs has notified the privacy commissioner of the breach and they are also investigating the matter. Government partners have also been notified.

LifeLabs customers who are concerned about this incident can receive one free year of protection that includes dark web monitoring and identity theft insurance.

40 views0 comments

Muskoka  Post

©2017 by MUSKOKA POST. Proudly created with