At the end of November they attacked the laboratory. According to preliminary information, data belonging to approximately 12,000 people was leaked online. patients who used the company’s services. However, the number of people affected may be much greater. According to the website, ALAB representatives said during Thursday’s press conference that “in the worst-case scenario, up to 200,000 patients are at risk of making personal data and laboratory test results public. Their data was on this one server, where the security was broken.” The company also allegedly assured that it was not negotiating and did not intend to pay a ransom. Meanwhile, the criminals threatened that the next part of the stolen information will be released online on December 31.
Cyber attack on ALAB. Patient data at risk
As we wrote earlier on next.gazeta.pl, a team of cybersecurity experts from the state-owned NASK institute reported that criminals could also obtain data of people who commissioned research at the facilities of other companies. “The analysis showed that there was also theft of test results commissioned by other medical facilities not belonging to the ALAB group,” NASK analysts emphasized.
Last week, the Regional Prosecutor’s Office in Warsaw initiated an investigation based on a notification submitted by Alab Laboratoria. The investigation will be conducted “into obtaining unauthorized access to the IT system and obtaining information stored in it by encrypting the contents of servers belonging to the injured company using malicious ransomware.”
The prosecutor’s office also reported that one of the effects of the attack was “impeding access to IT data and preventing their automatic processing, collection and transmission.” Moreover, the investigation will also be conducted in terms of “ransom demands by the perpetrators […] in exchange for providing decryption keys and not disclosing the obtained data” and “unlawful processing of personal data” of the company.
The Office of Competition and Consumer Protection and the Patient Ombudsman were also involved in the study. Neither ALAB nor any of the institutions involved in the case provide information on the amount of the ransom. PAP unofficially determined that the hackers demanded several hundred thousand dollars from the company.
How to protect yourself against hackers?
If hackers start publishing more data, it will be necessary to check your data again in the dobredane.gov.pl database. This tool is intended to be constantly updated. Experts recommend that you reserve your property in advance, even though .
It is also worth watching out for any suspicious messages in which the senders have a lot of knowledge about us. It cannot be ruled out that the hackers responsible for the attack on ALAB sold some of the data on the black market, which other cybercriminals and fraudsters will want to take advantage of. If only to further gain our trust and ultimately extort money.
Experts also note that sensitive data, such as medical and laboratory test results, are an ideal starting point for criminals to blackmail victims of data leakage. The problem mainly affects well-known people whose data may have been leaked from ALAB, but it may affect anyone who has performed research and does not want to share their results with the world.
Source: Gazeta
Mabel is a talented author and journalist with a passion for all things technology. As an experienced writer for the 247 News Agency, she has established a reputation for her in-depth reporting and expert analysis on the latest developments in the tech industry.
