Share this article on:
Boca Raton, FL-based Nationwide Laboratory Services, which was acquired by Quest Diagnostics in the summer, was the victim of a ransomware attack earlier this year.
Nationwide Laboratory Services detected a breach of its systems on May 19, 2021, when ransomware was used to encrypt files across its network and prevent files from being accessed. Steps were immediately taken to contain the attack and a third-party cybersecurity firm was engaged to assist with the investigation and remediation efforts.
The forensic investigation confirmed on August 31, 2021, that the attackers gained access to parts of its network where patients’ protected health information was stored, and potentially accessed information such as names, dates of birth, lab test results, medical record numbers, Medicare numbers, and health insurance information. A subset of the individuals affected had their Social Security numbers exposed. The types of information exposed in the attack varied from patient to patient.
The breach report submitted to the Department of Health and Human Services’ Office for Civil Rights indicates the protected health information of up to 33,437 individuals was potentially compromised.
Nationwide Laboratory Services said it is possible that the attackers exfiltrated a limited number of files from its network prior to deploying ransomware to encrypt files; however, no evidence has been uncovered to indicate patient data has been or will be used for any unintended purposes. As a precaution, affected individuals are being encouraged to review their accounts and explanation of benefits statements for signs of fraudulent activity.
Nationwide Laboratory Services has offered 12 months of complimentary credit monitoring services to individuals whose Social Security numbers were stored on the affected systems.
The FBI recently issued a private industry notification about ransomware actors targeting companies that are involved in significant financial events such as mergers and acquisitions and are using exfiltrated data as leverage in their efforts to extort money from victims. There have been several cases where the attackers have threatened to release sensitive and potentially harmful information to negatively affect stock prices to encourage payment of the ransom.