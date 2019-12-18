Latest Tech

Canadian firm forced to pay hackers to return stolen data

December 18, 2019
By Ripples Nigeria

A data breach at Canadian clinical laboratory services provider, LifeLabs, has exposed the records of at least 15 million patients.

However, the company had in an interesting twist, paid those behind the attack for the stolen data to be returned.

The breach took place in October and involved customer names, addresses, emails, logins, passwords, date of birth and health card numbers. Some 85,000 lab results were stolen as well.

How the attack took place or who was responsible for it was not disclosed. In regulatory filings today, the attack is described as involving cybercriminals penetrating the company’s systems, extracting data and demanding a ransom.

In an open letter to LifeLab customers, Chief Executive Officer, Charles Brown, apologized for the data breach.

He said the company had engaged cybersecurity experts to isolate and secure the affected systems and took other measures to strengthen systems to deter future incidents.

Where the letter gets interesting is that Brown wrote that one of those measures included retrieving the stolen data by making a payment.

“We did this in collaboration with experts familiar with cyber-attacks and negotiations with cybercriminals,” Brown wrote.

How much the company paid out was not disclosed.

Affected customers are being offered a free one-year subscription to a service that includes monitoring for activity on dark web, a shady part of the internet reachable with special software, and identity theft insurance.

