Investors sue LabCorp over security failures in light of data breach, ransomware attack

Looking for reasons to increase your cybersecurity investment?…:

[…] As reported by Bloomberg Law, LabCorp’s chief executive, chief information officer, and chief financial officer are specifically named in the Delaware court case, which accuses them of ignoring “persistently deficient cybersecurity measures” that led to a data breach and malware infection.

According to the lawsuit, failing to address these problems has impacted investors and resulted in financial losses due to share price changes, and therefore, damages are sought.

A data breach occurring at the American Medical Collection Agency (AMCA) lasted for a period of eight months, between August 2018 and March 2019. The billing agency’s breach, in which a threat actor was able to compromise internal networks, led to the theft of information belonging to at least 20 million US citizens.

Patient data from corporate clients including Quest Diagnostics, BioReference Laboratories, and LabCorp was compromised. AMCA was unable to handle the financial ramifications of the security incident and later filed for bankruptcy.

Over 7 million patient records were stolen from LabCorp alone. However, this was not the only cybersecurity issue the company faced.

LabCorp was also subject to malware infection in late 2018, in which a threat actor was able to infect the company’s network with SamSam ransomware.


Original Article