It’s our job here at Digital Uppercut to protect our clients from all kinds of hacks and breaches: trojans, viruses, ransomware, phishing, social engineering...all of it. And when we write about all the dangers that you, as a small business owner or manager face, we often talk about hacks and their immediate effects on you and your business. But there is a new threat that businesses are facing that comes some time after they’ve become the victim, and the result is that this threat turns the business into a cybercrime victim not once...but twice.
One of Canada’s largest medical testing laboratories, LifeLabs, announced in December 2019 that they had been hacked the prior November. And the breach was not inconsequential: Hackers used Ransomware to encrypt and steal the personal data of up to 15 million patients. They further stole data related to 85,000 lab test results.
LifeLabs CEO Charles Brown said that “the risk to our customers in connection with this cyber-attack is low” but that remains to be seen. Brown also said that the company will offer to buy Identity Theft Insurance for each of its patients who were possibly affected by the breach.
So clearly LifeLabs is a victim here, and they are going to have to pay dearly as a result. They already paid an undisclosed ransom -- certain to be in the millions of dollars -- demanded by the cyber-criminals, and they will be paying for several million subscriptions to the Identity Theft Insurance providers, which could amount to millions of dollars.
But LifeLabs is not the only victim here.
Each and every one of LifeLabs’ 15 million customers is also a cybercrime victim, whether their data was actually stolen or not, because almost as bad as the actual theft of personal information is the uncertainty of knowing whether your personal information (name, address, phone numbers, email addresses, password security questions, and more) is being sold on the dark web. Even worse would be those whose lab test results may have been breached, potentially allowing data from genetic tests, herpes tests, or HIV tests to be revealed.
CyberCrime Victim Twice Over
And while LifeLabs is not a very sympathetic victim (large corporations seldom are), they just became a cybercrime victim a second time over when a proposed class action lawsuit was filed against the company. Attorneys representing five named plaintiffs as well as a proposed class that includes all customers are suing for $1.13 Billion CAD.
And this is the danger that all cybercrime victims will eventually face. The fallout from a hack or breach can be severe. Ransomware can not only lock up your data, but it causes the operations of your business to stop almost immediately. Because your accounting data is likely encrypted, you can’t pay your vendors, and you can’t invoice or collect from your customers. And the law says that you not only need to notify the California Office of Civil Rights and the Secretary of State’s office, you also need to notify the vendors, customers and employees whose data was potentially breached.
And more frequently than ever, companies large and small are being sued because they were (just as the plaintiffs allege about LifeLabs) negligent in protecting their data, causing those whose data was breached severe anxiety, distress, inconvenience and consequences of identity theft.
How To Avoid Being a Cybercrime Victim Even Once
Of course, it’s best to avoid all of this in the first place by protecting your company and your data. The staff at Digital Uppercut are experts in doing exactly that. With our state of the art technology that includes live security experts monitoring your network 24/7, we’ve never once had to file a claim on our million dollar Ransomware policy. If you’re looking for security, you’ve found it here. Contact us online or call us at 818-913-1335.