Canada’s largest provider of specialized laboratory testing services said it paid hackers an undisclosed amount for the restitution of personal information they had stolen from no fewer than 15 million customers.
LifeLabs from Toronto, Ontario, has informed the Canadian authorities of the November 1 attack. The company said a cyber attack hit computer systems that store data for around 15 million customers. The stolen information included names, addresses, e-mail addresses, customer logons and passwords, health card numbers and laboratory tests.
The incident response, president and CEO of the company, Charles Brown, said in a statement: “retrieve the data by making a payment.” The director added: “We did this in collaboration with experts who are familiar with cyber attacks and negotiations with cyber criminals.” The statement did not state how much LifeLabs paid for the return of the data. Representatives did not immediately respond to an email to find the amount.
According to an opinion from the Office of the Information and Privacy Commissioner of Ontario and the Office of the Information and Privacy Commissioner for British Columbia: . LifeLabs involved external cyber security consultants to conduct research and to help restore data security. “
LifeLabs said its research so far indicates that the test results that were consulted were from 2016 or earlier and included around 85,000 customers. Access to information about health cards was also from 2016 or earlier. So far, there are no indications that the stolen data has been distributed to parties other than LifeLabs.
The LifeLabs statement said corporate officials resolved the system that led to the breach. The company offers a year of free identity theft monitoring and identity theft insurance. Involved customers can sign up for help here.