SecurityWeek

Apex Laboratory Says Patient Data Stolen in Ransomware Attack

At-home laboratory services provider Apex Laboratory said hackers stole some patient data during a ransomware attack that took place several months ago.

Established in 1997 and headquartered in Farmingdale, New York, Apex Laboratory provides medical testing services in the New York Metropolitan and surrounding areas. In 2007, Apex opened a South Florida location.

In a data breach notification published last week, the company announced that, on July 25, 2020, it discovered a cyberattack that resulted in systems being encrypted and becoming inaccessible.

Apex said it was able to secure its network, restore affected data, and resume operations on July 27, and claims that its investigation into the incident did not reveal evidence of unauthorized access or acquisition of patient information.

“However, on December 15, 2020, Apex learned that the hackers posted information on their blog about the attack and listed data taken that contained personal and health information for some patients,” the company revealed.

While looking into the attackers’ claims, Apex discovered that the data might have been stolen from its systems between July 21 and July 25, 2020.

The medical services provider says that, for some of its patients, stolen data includes names, dates of birth, phone numbers, Social Security numbers, and test results.

“Additionally, Apex is unaware of any actual or attempted misuse of any information other than the extracting of this data as part of the cyber-attack,” the company said.

While continuing to investigate the security incident, Apex is in the process of notifying affected individuals via written mail and said it also contacted law enforcement.

While the company did not reveal information on the threat actor behind the attack, DataBreaches reports that the DoppelPaymer ransomware was used to encrypt Apex Laboratory’s systems.

DoppelPaymer operators are known for exfiltrating data from compromised environments to pressure victims into paying the ransom.

On December 15, DoppelPaymer operators made public roughly 10,000 files they claim were stolen from Apex. In addition to data on hundreds of patients, employee information also appears to have been stolen in the incident.

In its data breach notification, Apex Laboratory said it “ensured that the data was removed from the hacker’s blog,” without providing further details on whether that involved paying the attackers or whether the hackers remain in possession of the stolen data.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
