Skip to content

Health care industry is a prized target, experts say in wake of LifeLabs hack

Hackers accessed personal information of up to 15 million customers, almost all in Ontario and B.C.
19860075_web1_CPT12036294
LifeLabs signage is seen outside of one of the lab’s Toronto locations, Tuesday, Dec. 17, 2019. THE CANADIAN PRESS/Cole Burston

Cyber security experts say that the recent data hack at LifeLabs Medical Laboratory Services, one of Canada’s largest medical services companies, is part of a broader problem faced by the health care industry.

LifeLabs revealed Tuesday that hackers gained access to the personal information of up to 15 million customers, almost all in Ontario and B.C., forcing the company to pay a ransom to retrieve and secure the data.

Raheel Quereshi, co-founder of Toronto-based consulting firm iSecurity, said Wednesday that the health care industry is a prized hacker target in recent years because victims often will pay a ransom to avoid an operational disruption.

iSecurity’s experience has been that the health care industry accounts for about the 48 per cent of the cases it has handled — although it wouldn’t reveal the identity of any of its 300 to 400 clients in Ontario.

“We completed, I think, more than 10 different cyber security responses this year, in health care. Some of them you’ve seen on the news and some of them didn’t make it to the news,” Quereshi said.

“So health care has been a big interest for the external threat agents and the hacker community.”

From the hacker’s point of view, he said, the health sector promises a good return on investment.

“The attackers are targeting health care sector more for financial gain than, really, trying to extract the information and sell it elsewhere. At the end of the day, they just want to get paid once they get in.”

Rob Martin, a vice-president for Waterloo, Ont.-based cyber security firm eSentire, agrees that criminals may move on to other victims after they’re paid — but that’s not necessarily the case.

“If someone is complacent, and doesn’t remediate or resolve the problem that caused things to happen in the first place, that threat will often times recur … and hold people hostage again.”

What’s more, Martin said, the criminals are “very opportunistic” and can find other ways to sell the information contained within the hacked database.

“On what’s referred to often as the dark web there are electronic sites … where you can buy identities and personal information quite inexpensively depending on the value of that data,” Martin said.

LifeLabs said Tuesday that the compromised database included health card numbers, names, email addresses, login, passwords and dates of birth but said it wasn’t sure how many of the files were accessed during the breach.

Privacy commissioners from B.C. and Ontario said they would examine the scope of the breach, the circumstances leading to it, and what measures LifeLabs could have taken to prevent and contain it.

LifeLabs chief executive Charles Brown, who has apologized publicly, assured the public that its consultants have seen no evidence that the data has been trafficked by criminal groups.

It’s offering customers one year of free protection that includes dark web monitoring and identity theft insurance. It will also contact about 85,000 customers in Ontario whose lab results were accessed.

The Canadian Press

Like us on Facebook and follow us on Twitter