For HomeFor BusinessFor Partners
Industry News Digital Privacy
2 min read

Data breach at Aussie pathology lab exposes PHI of over 220,000 customers

Alina BÎZGĂ

October 28, 2022

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Data breach at Aussie pathology lab exposes PHI of over 220,000 customers

Medical records and payment card information of over 220,000 patients have been exposed in a data breach at pathology service provider Australian Clinical Labs (ACL), the company disclosed earlier this week.

In a letter to impacted customers, ACL said the breach occurred following a ransomware attack at one of its subsidiaries - Medlab Pathology.
A variety of sensitive data was exposed in the attack, including protected health information (PHI):
· Full names and Medicare numbers of 128,608 customers
· 28,286 credit card numbers, 55% of which were expired and 12% of which included CVV codes
· Medical records and pathology test records of 17,539 individuals


Quantum ransomware gang claims responsibility


The Quantum threat group took credit for the cyberattack that occurred in February 2022 at Medlab Pathology. Stolen files containing 86GB of data were posted on the dark web on July 14 and, according to Bleeping Computer, the files also contain employee details, invoices and other private documents.
Although the hack took place over eight months ago, the ACL disclosed that its forensic investigation did not reveal data exfiltration. The company was notified by the Australian Cybersecurity Centre of the data leak.


“Medlab became aware of an unauthorised third-party access to its IT system in February 2022,” the data breach notice reads. “At the time, the external forensic specialists did not find any evidence that information had been compromised.”


The letter continues to explore the timeline of the investigation:


“In March, the company was contacted by the ACSC outlining that it had received intelligence that Medlab may have been the victim of a ransomware incident,” ACL added.

“The company responded to the request for information and confirmed that to its knowledge the company did not believe that any data had been compromised. In June, ACL was again approached by the ACSC, which informed ACL that it believed that Medlab information had been posted on the dark web. ACL took immediate steps to find and download this highly complex and unstructured data-set from the dark web and made efforts to permanently remove it.”

Although the company emphasized that it’s not aware of any misuse of stolen personal information from its customers, all impacted individuals will receive complimentary access to identity theft protection services and coverage of all costs relating to replacing compromised ID documents.

Upgrading your defenses in the data breach pandemic

Bitdefender offers state-of-the-art security and privacy plans that cater to all your digital needs, whether you’re looking for a solution to thwart identity theft or an easy way to manage your digital footprint and enhance your online safety.

With Bitdefender Ultimate Security plans (for the US only) you can protect your household devices with award-winning technologies that predict, prevent and remediate new and existing cyberthreats.

The all-in-one solution provides unlimited VPN traffic, and the cross-platform Password Manager and identity theft protection features including real-time fraud monitoring, data breach monitoring, credit report monitoring, fraud alerts, credit freeze and lost wallet assistance, and an insurance policy of up to $2 million, depending on your chosen plan.

If you need a handy tool to help you discover the extent of your digital footprint and avoid privacy threats including account takeovers due to a data breach or leak, check out Bitdefender Digital Identity Protection. The dedicated service enhances your privacy with 24/7 data breach monitoring, a complete mapping of your online presence and an easy way to sniff out social media impersonators.

tags

Industry News Digital Privacy

Author

Alina BÎZGĂ

Alina BÎZGĂ

Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.

View all posts

Right now Top posts

Start Cyber Resilience and Don’t Be an April Fool This Spring and Beyond
Scam How to Tips and Tricks

Start Cyber Resilience and Don’t Be an April Fool This Spring and Beyond

April 01, 2024

2 min read
Spam trends of the week: Cybercrooks phish for QuickBooks, American Express and banking accounts
Spam Industry News Threats

Spam trends of the week: Cybercrooks phish for QuickBooks, American Express and banking accounts

November 28, 2023

4 min read
Protecting your important: Stick to these 8 cybersecurity tips for safe Black Friday and Cyber Monday deal hunting
Protecting Your Important How to Tips and Tricks

Protecting your important: Stick to these 8 cybersecurity tips for safe Black Friday and Cyber Monday deal hunting

November 08, 2023

4 min read
3 in 5 travel-themed spam emails are scams, Bitdefender Antispam Lab warns
Industry News Spam

3 in 5 travel-themed spam emails are scams, Bitdefender Antispam Lab warns

August 10, 2023

4 min read

FOLLOW US ON SOCIAL MEDIA

You might also like

The Safety Formula - Episode 10: Human Intuition Meets Advanced Technology
The Safety Formula

The Safety Formula - Episode 10: Human Intuition Meets Advanced Technology
Bitdefender

April 17, 2024

2 min read
Ukraine claims it hacked Russian Ministry of Defence, stole secrets and encryption ciphers
Industry News

Ukraine claims it hacked Russian Ministry of Defence, stole secrets and encryption ciphers
Graham CLULEY

March 06, 2024

2 min read
Crimemarket Taken Down by German Authorities
Industry News

Crimemarket Taken Down by German Authorities
Silviu STAHIE

March 05, 2024

1 min read

Bookmarks

loader