BURLINGTON, N.C. --The FBI said it was aware of 'reports of a ransomware attack' involving LabCorp's network system. An agency spokesperson sent the statement to WFMY late Tuesday.
The FBI is aware of reports of a ransomware attack involving LabCorp’s network system. We are monitoring the situation, but cannot comment on whether or not the FBI is involved in any investigation.
Over the weekend hackers targeted Burlington based LabCorp, one of the nation's largest medical diagnostics companies.
LabCorp would neither give further details about the breach nor confirm its nature, Tuesday. However, according to a filing with the Securities and Exchange Commission (SEC) dated July 16, the company said it detected 'suspicious activity' on its information technology network. The document identified the discovery of the breach as July 14. Some customers experienced delays around that date and the next day.
"LabCorp determined that there were some suspicious activities over the weekend and immediately shut things down to try to limit the damage," said Michael Hiatt an IT expert with Secure Design. Secure Design manages internet security solutions for many businesses in the Triad. Hiatt and his colleagues are closely watching this breach and trying to figure out its nature and the actors involved.
"With LabCorp, we don't know if it is ransomware, we don't know if it is someone who had unauthorized remote access to their network and was able to sort of pull data from them. At this point there's a lot of questions left unanswered," added Hiatt.
The breach has raised concerns that millions of patients health records could be at risk. According to its website, LabCorp has more than 115 million patient encounters yearly and processes more than 2.5 million patient tests weekly.
Lab Corp stated in the report to the SEC that it "immediately took certain systems offline as part of its comprehensive response to contain the activity." This temporarily affected test processing and customer access to test results on or over the weekend.
LabCorp also stated that "Work is ongoing to restore full system functionality as quickly as possible, testing operations have substantially resumed today, and we anticipate that additional systems and functions will be restored through the next several days."
The company also said while they have "Notified the relevant authorities of the suspicious activity and will cooperate in any investigation", there is currently 'No evidence of unauthorized transfer or misuse of data."
"Hopefully they were able to pull the plug on this before the damage was as great as it could be, hopefully, they were able to limit that but we'll see," said Hiatt. He added that depending on the level of the breach, malicious access to that amount of personal health information has the potential to be major.
While LabCorp says that customers don’t need to worry, the company is required to notify affected customers of any data breach within 60 days. The FBI also added that it is monitoring the situation but cannot comment on whether or not the FBI is involved in any investigation.
LabCorp isn't the only big company to be a victim of hacking. Last September, the Equifax data breach exposed the personal data of over 140 million people. The popular ride-sharing app, Uber, was hacked in November and 57 million people had their data exposed.
The City of Atlanta was also the target of a ransomware attack, earlier this year. It crippled the city's computer network for days. Thieves demanded about $51,000 worth of bitcoin to unlock the system.