LifeLabs has been hacked and pay a ransom in exchange for user data

LifeLabs is a leading medical diagnostic and testing service provider based in Canada. Today the company announced a ransom payment to hackers to redeem data and information stolen from a security breach last month. The press release wrote:

We have taken several measures to protect our customer information, including:

• Immediately engaging with world-class cyber security experts to isolate and secure the affected systems and determine the scope of the attack;
• Further strengthening our systems to deter future incidents;
• Retrieving the data by making a payment. We did this in collaboration with experts familiar with cyber-attacks and negotiations with cyber criminals;
• Engaging with law enforcement, who are currently investigating the matter; and
• Offering cyber security protection services to our customers, such as identity theft and fraud protection insurance.

It’s unclear how much the company has paid to recover the data. LifeLabs previously said that the breach covered nearly half of Canada’s population and that more than 15 million people’s information may have been leaked.

Most of the affected customers are in Ontario and British Columbia. LifeLabs points out that security experts have investigated, including monitoring the dark web and other network addresses, and have not seen any customer information publicly disclosed.