Lawsuit by LifeLabs for data breach report disclosure

Toronto based Healthcare services provider LifeLabs will soon file a lawsuit against the data watchdogs of Ontario and British Columbia for stopping the full publication of a data breach report related to a ransomware attack that took place in 2019 affecting over 15 million people.

Going deep into the details, at the end of last fall, a ransomware attack on LifeLabs database is said to have leaked the information of over 15 million of its customers.

An investigation launched by BC’s Information Protection Commissioner in association with the Ontario’s Personal Health Commissioner is said to have discovered inadequate security practices being followed by the IT Staff of LifeLabs. As a result of which, the database fell prey to the ransomware launching hackers.

In June, the Commissioner’s released a press update stating that they will publicize their investigation report to the public. And this move was strongly opposed by the management of LifeLabs as the authorities could not leak information otherwise termed to be confidential and could encourage future cyber attacks.

On July 29th, the Commissioners were intending to release the report but were opposed by LifeLabs as it was ready to abide by all the rules and regulations set forward by the Information Commissioner’s office regarding protection of user data.

As per the petition filed in the B C Supreme Court by LifeLabs lawyers, the report release was formally blocked by the law in anticipation of legal action.

More details are awaited!

Note 1- LifeLabs admitted in its recent media statement that it retrieved data by making a ransom payment to hackers after engaging experts to negotiate the payment sum in cryptocurrency with cyber criminals.

Note- 2- In Dec’19 CEO Charles Brown confirmed that the company paid a handsome sum to hackers to recover its data related to its 15 million users.

Note 3- The name of the ransomware variant that stuck its database was not disclosed to the media by LifeLabs.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display