Data Breaches

1.6 Million People Impacted by Data Breach at Laboratory Services Cooperative

Laboratory Services Cooperative says the personal and medical information of 1.6 million was stolen in an October 2024 data breach.

Laboratory Services Cooperative says the personal and medical information of 1.6 million was stolen in an October 2024 data breach.

Medical testing services provider Laboratory Services Cooperative (LSC) is notifying 1.6 million individuals that their personal information was stolen in an October 2024 data breach.

As part of the cyberattack, which was identified on October 27, a threat actor accessed LSC’s network and accessed and exfiltrated certain files containing patient and employee information.

The potentially compromised information includes names, addresses, phone numbers, email addresses, dates of birth, Social Security numbers, driver’s license numbers, government ID or passport numbers, demographic information, and health insurance information such as plan name and type, insurance provider, and member/group ID number.

For some patients, the compromised information also includes diagnosis and treatment details, dates of service, treatment location, medical record numbers, lab results, and other care-related details.

Billing and payment information such as bank account details, payment card data, billing details, balance information, claim numbers, and other financial information was also compromised in some cases.

Information on dependents or beneficiaries was also compromised for LSC employees, the Seattle-based non-profit organization says.

Advertisement. Scroll to continue reading.

LSC also disclosed that some of the affected individuals are Planned Parenthood patients who visited select centers that LSC provides lab services to.

“Please be advised that this incident did not involve all Planned Parenthood centers. It specifically may have impacted only those centers that received lab testing services from LSC,” the organization explains in a data breach notice.

In a regulatory filing with the Maine Attorney General’s Office, LSC revealed that 1.6 million individuals were impacted and it is providing them with 12 or 24 months of free credit monitoring and medical identity protection services.

According to LSC, third-party cybersecurity specialists hired to monitor the dark web have not found evidence that the information stolen in the attack may have been shared between cybercriminals.

However, the organization did not say what type of cyberattack it fell victim to and whether it received any extortion attempts. SecuritWeek has contacted LSC for additional information and will update this article if a reply arrives.

Related: Port of Seattle Says 90,000 People Impacted by Ransomware Attack

Related: State Bar of Texas Says Personal Information Stolen in Ransomware Attack

Related: 170,000 Impacted by Data Breach at Chord Specialty Dental Partners

Related: 500,000 Impacted by Pennsylvania Teachers Union Data Breach

Related Content

Data Breaches

Hackers accessed the insurance giant’s policyholder portal multiple times between June 15 and June 25.

Data Breaches

Only a handful of the 100 organizations targeted in the PeopleSoft campaign have been confirmed.

Data Breaches

The ShinyHunters extortion group claims to have stolen 3.1 TB of data from the organization.

Data Breaches

Roughly two dozen companies have notified their customers of the Klue-Salesforce incident impact.

Data Breaches

Over a dozen Klue customers have confirmed that hackers stole data from their Salesforce instances.

Data Breaches

Hackers stole customers’ names, addresses, email addresses, phone numbers, and account information.

Data Breaches

Threat actors gained access to personal and protected health information that Xsolis received from its clients.

Data Breaches

HackerOne, Huntress, Jamf, OneTrust, Recorded Future, Snyk, and Tanium are among the affected Klue customers.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version