⚡ Rocket.net – Managed WordPress Hosting

MiltonMarketing.com  Powered by Rocket.net – Managed WordPress Hosting

Bernard Aybouts - Blog - MiltonMarketing.com

Approx. read time: 4.3 min.

Post: Security experts say health care industry is prized target for cyber criminals

Health care industry cyber security breach –

The Health Care Industry: A Prime Target for Cyber Criminals

Security experts have long warned that the health care industry is a prized target for cyber criminals. This was starkly illustrated by the 2019 data breach at LifeLabs, one of Canada’s largest medical services companies. The incident underscores the broader vulnerabilities faced by the North American health care sector.

The LifeLabs Data Breach: A Case Study

In December 2019, LifeLabs revealed that hackers had gained access to the personal information of up to 15 million customers, primarily in Ontario and British Columbia. This breach forced the company to pay a ransom to retrieve and secure the compromised data.

Raheel Quereshi, from the Toronto-based consulting firm iSecurity, emphasized that while every business is a potential hacking target, health care companies are particularly prized. The reason is simple: the stakes are higher in health care. Companies in this sector are often more willing to pay ransoms to avoid disruptions that could have serious medical consequences. This willingness to pay makes them attractive targets for cyber criminals looking to profit from stolen data.

LifeLabs’ CEO, Charles Brown, publicly apologized for the incident and confirmed that a ransom was paid, though he did not disclose the amount. The company assured the public that their consultants had found no evidence of the stolen data being trafficked by criminal groups.

Health care industry cyber security breach

The Aftermath: Class Action Settlement

Fast forward to 2024, and those affected by the LifeLabs data breach have received a settlement notice. On May 22, 2024, class members were informed that they would receive an e-Transfer from KPMG Inc. within five business days. Due to the large number of valid claims (901,544 in total), each claimant will receive a payment of $7.86. This amount was calculated according to the Court-approved terms of distribution.

Instructions for Claimants

The settlement notice provided detailed instructions for claimants to deposit the e-Transfer:

  1. Follow the link provided in the payment email from Interac.
  2. Enter the password “LifeLabs” when prompted.
  3. Note that only three attempts are allowed to accept the e-Transfer. After three failed attempts, the payment will be canceled and not reissued.

If the automatic deposit function is enabled with the claimant’s financial institution, the payment will be automatically deposited to the account associated with the email address provided on the claim form, and no password will be required.

Claimants were also reminded that the e-Transfer would expire 30 days after issuance and would not be reissued after expiration.

For more details on the payment calculation, claimants were directed to the settlement website: LifeLabs Settlement.

Broader Implications for the Health Care Industry

The LifeLabs data breach and subsequent settlement highlight the critical need for robust cyber security measures in the health care industry. As cyber criminals continue to target this sector, health care companies must prioritize the protection of sensitive patient data. This includes investing in advanced security technologies, regularly updating security protocols, and training staff to recognize and respond to potential threats.

The LifeLabs incident serves as a cautionary tale, reminding health care providers of the high stakes involved in safeguarding patient information and the potentially severe consequences of failing to do so.

Conclusion: Who Really Pays the Price? – Health care industry cyber security breach

While the class action settlement offers some compensation to those affected, it raises a critical question: how does a mere $7.86 really compensate for the violation of one’s privacy? The nominal payment to individuals starkly contrasts with the substantial financial gains of the hackers who received the ransom and the lawyers who collected most of the class action lawsuit’s payout in legal fees.

In the end, the real winners in this multimillion-dollar case are the cyber criminals and the legal teams. The affected individuals, whose personal information was exposed, are left with a token settlement that hardly addresses the long-term implications of such a breach. This situation underscores the need for more significant penalties and preventative measures to protect personal data and hold responsible parties accountable.

About the Author: Bernard Aybout (Virii8)

Avatar of Bernard Aybout (Virii8)
I am a dedicated technology enthusiast with over 45 years of life experience, passionate about computers, AI, emerging technologies, and their real-world impact. As the founder of my personal blog, MiltonMarketing.com, I explore how AI, health tech, engineering, finance, and other advanced fields leverage innovation—not as a replacement for human expertise, but as a tool to enhance it. My focus is on bridging the gap between cutting-edge technology and practical applications, ensuring ethical, responsible, and transformative use across industries. MiltonMarketing.com is more than just a tech blog—it's a growing platform for expert insights. We welcome qualified writers and industry professionals from IT, AI, healthcare, engineering, HVAC, automotive, finance, and beyond to contribute their knowledge. If you have expertise to share in how AI and technology shape industries while complementing human skills, join us in driving meaningful conversations about the future of innovation. 🚀