The personal information of 15 million Canadians may have been exposed after a company that performs diagnostic, naturopathic, and genetic tests had its computer systems hacked. LifeLabs announced the breach on its website, saying it discovered the hack through proactive surveillance. The company says it paid a ransom in order to secure the data, including test results from 85,000 Ontarians. It says that the majority of affected customers are from B.C. and Ontario, and the breach was discovered at the end of October.
The compromised test results were from 2016 and earlier and LifeLabs says there is no evidence that results were accessed in other provinces aside from Ontario, it was reported.
In response, Saryu Nayyar, CEO of Gurucul comments:
"This is another reminder that ransomware attacks are so common because they’re profitable for the attackers. Ransomware is also one of the most basic cyberattack vectors to defend against. It can be foiled by a couple of tactics that have long been in use – patches and backups. Ransomware usually relies on human error or unpatched vulnerabilities to succeed. When it does succeed, and the victim doesn’t have backups, the attacker’s extortion tactics often work. Many overburdened IT departments simply don’t have the time or the tools to get the security basics right. To combat ransomware, every organisation should use two factor authentication (2FA) to block brute force attacks, perform regular backups of valuable data, deploy patches and updates immediately to stop known threats, and provide each critical system with a unique and frequently updated password. From there, organisations should invest in modern cybersecurity technology with machine learning algorithms that can identify anomalous behaviours in real-time, before an attacker can strike