Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Apex Laboratory Says Patient Data Stolen in Ransomware Attack

At-home laboratory services provider Apex Laboratory said hackers stole some patient data during a ransomware attack that took place several months ago.

At-home laboratory services provider Apex Laboratory said hackers stole some patient data during a ransomware attack that took place several months ago.

Established in 1997 and headquartered in Farmingdale, New York, Apex Laboratory provides medical testing services in the New York Metropolitan and surrounding areas. In 2007, Apex opened a South Florida location.

In a data breach notification published last week, the company announced that, on July 25, 2020, it discovered a cyberattack that resulted in systems being encrypted and becoming inaccessible.

Apex said it was able to secure its network, restore affected data, and resume operations on July 27, and claims that its investigation into the incident did not reveal evidence of unauthorized access or acquisition of patient information.

“However, on December 15, 2020, Apex learned that the hackers posted information on their blog about the attack and listed data taken that contained personal and health information for some patients,” the company revealed.

While looking into the attackers’ claims, Apex discovered that the data might have been stolen from its systems between July 21 and July 25, 2020.

The medical services provider says that, for some of its patients, stolen data includes names, dates of birth, phone numbers, Social Security numbers, and test results.

“Additionally, Apex is unaware of any actual or attempted misuse of any information other than the extracting of this data as part of the cyber-attack,” the company said.

Advertisement. Scroll to continue reading.

While continuing to investigate the security incident, Apex is in the process of notifying affected individuals via written mail and said it also contacted law enforcement.

While the company did not reveal information on the threat actor behind the attack, DataBreaches reports that the DoppelPaymer ransomware was used to encrypt Apex Laboratory’s systems.

DoppelPaymer operators are known for exfiltrating data from compromised environments, to pressure victims into paying the ransom.

On December 15, DoppelPaymer operators made public roughly 10,000 files they claim to have been stolen from Apex. In addition to data on hundreds of patients, employee information was also stolen in the incident, it appears.

In its data breach notification, Apex Laboratory said it “ensured that the data was removed from the hacker’s blog,” without providing further details on whether that involved paying the attackers or whether the hackers continue to be in the possession of stolen data.

Related: Kawasaki Says Data Possibly Stolen in Security Breach

Related: UK Energy Startup ‘People’s Energy’ Discloses Data Breach

Related: Belden Discloses Data Breach Affecting Employee, Business Information

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Ransomware

A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.