Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

1.6 Million People Impacted by Data Breach at Laboratory Services Cooperative

Laboratory Services Cooperative says the personal and medical information of 1.6 million was stolen in an October 2024 data breach.

Medical testing services provider Laboratory Services Cooperative (LSC) is notifying 1.6 million individuals that their personal information was stolen in an October 2024 data breach.

As part of the cyberattack, which was identified on October 27, a threat actor accessed LSC’s network and accessed and exfiltrated certain files containing patient and employee information.

The potentially compromised information includes names, addresses, phone numbers, email addresses, dates of birth, Social Security numbers, driver’s license numbers, government ID or passport numbers, demographic information, and health insurance information such as plan name and type, insurance provider, and member/group ID number.

For some patients, the compromised information also includes diagnosis and treatment details, dates of service, treatment location, medical record numbers, lab results, and other care-related details.

Billing and payment information such as bank account details, payment card data, billing details, balance information, claim numbers, and other financial information was also compromised in some cases.

Information on dependents or beneficiaries was also compromised for LSC employees, the Seattle-based non-profit organization says.

Advertisement. Scroll to continue reading.

LSC also disclosed that some of the affected individuals are Planned Parenthood patients who visited select centers that LSC provides lab services to.

“Please be advised that this incident did not involve all Planned Parenthood centers. It specifically may have impacted only those centers that received lab testing services from LSC,” the organization explains in a data breach notice.

In a regulatory filing with the Maine Attorney General’s Office, LSC revealed that 1.6 million individuals were impacted and it is providing them with 12 or 24 months of free credit monitoring and medical identity protection services.

According to LSC, third-party cybersecurity specialists hired to monitor the dark web have not found evidence that the information stolen in the attack may have been shared between cybercriminals.

However, the organization did not say what type of cyberattack it fell victim to and whether it received any extortion attempts. SecuritWeek has contacted LSC for additional information and will update this article if a reply arrives.

Related: Port of Seattle Says 90,000 People Impacted by Ransomware Attack

Related: State Bar of Texas Says Personal Information Stolen in Ransomware Attack

Related: 170,000 Impacted by Data Breach at Chord Specialty Dental Partners

Related: 500,000 Impacted by Pennsylvania Teachers Union Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

Mark Carter has been appointed Chief Information Security Officer at Socure.

Spektrum Labs has named Mark Cravotta Chief Operating Officer.

More People On The Move

Expert Insights

Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.