Cybersecurity: LabCorp Reports What Could Be a Major Data Breach

Cyberattacks and data breaches against health providers are a daily occurrence. But when the breach takes place at a firm as big and powerful as LabCorp and potentially affects the health records of millions of patients, it's major news. And according to a recent Fortune report, such a breach might have affected at least some of LabCorp's systems over the July 14 weekend.

What We Know So Far
In its filing with the Securities and Exchange Commission, the Burlington, N.C.-based company reports that it detected what it describes as "suspicious activities" during that weekend. In response, it "immediately took certain systems offline" in an effort to contain the activity. As of now, the company hasn't reported uncovering any evidence that the data was transferred or misused, but the investigation is ongoing.

The other bit of good news is that the incident seems to have been confined to LabCorp Diagnostics systems and didn't affect the systems used by newly acquired CRO Covance Drug Development.

The Threat from Within
In most industries, hackers from outside the organization pose the primary threat to cybersecurity. But in health care, it's just the opposite. "Health care is the only industry in which internal actors are the biggest threat," according to a recent Verizon cybersecurity report. What drives them to do it:

• Financial gain, e.g., using misappropriated personal information to commit tax fraud or open lines of credit: 48%;
• Personal curiosity in looking up personal records of celebrities or family members: 31%;
• Simple convenience: 10%.

Of course, many internally caused breaches are inadvertent, e.g., when an employee falls for a phishing scheme. LabCorp still hasn't said how this breach happened, e.g., whether ransomware was involved or who was behind it.