Apex Laboratory disclose data breach after a ransomware attack

At-home laboratory services provider Apex Laboratory discloses a ransomware attack and consequent data breach.

Apex Laboratory, Inc. is a clinical laboratory that has been providing home laboratory services to homebound and Nursing Home patients in the NY Metropolitan Area for over 20 years.

The at-home laboratory services provider Apex Laboratory disclosed a ransomware attack, the hackers also stole some patient in the incident that took place on July 25, 2020.

“On July 25, 2020, Apex Laboratory of Farmingdale, NY (“Apex”) discovered that it was the victim of a cyber-attack and that certain systems in its environment were encrypted and inaccessible.” reads the data breach notification published by the company.

The company started the investigation with the help of third-party forensic and cyber security specialists after it resumed the operations on July 27th.

Apex Laboratory confirmed it was able to secure its network, restore affected data, and resume operations.

The company initially added that it has not found evidence of unauthorized access or acquisition of patient information.

“However, on December 15, 2020, Apex learned that the hackers posted information on their blog about the attack and listed data taken that contained personal and health information for some patients,” the company revealed.

Further investigation allowed the company to discover that the data might have been stolen from its systems between July 21 and July 25, 2020.

The provider discovered that threat actors stole info for some of its patients, including names, dates of birth, phone numbers, Social Security numbers, and test results.

“Although the investigation is ongoing, at this point, the data believed to be taken includes, for a subset of patients: patient names, dates of birth, test results, and for some individuals, Social Security numbers, and phone numbers. Additionally, Apex is unaware of any actual or attempted misuse of any information other than the extracting of this data as part of the cyber-attack.” continues the company. “Apex is in the process of preparing written, mailed notice to impacted individuals for whom it has addresses, as well as posting notice on its website.”

Apex is notifying affected individuals via written mail while the investigation is still ongoing.

According to the DataBreaches website, the company was hit by the DoppelPaymer ransomware gang.

“DataBreaches.net recently reported that Apex Laboratory Inc. had apparently been attacked by DoppelPaymer ransomware threat actors. Apex was added to their  leak site on December 15.” reads the post published by DataBreaches.

On December 15, DoppelPaymer operators published thousands of files allegedly stolen from Apex on its leak site. Leaked data includes patients’ data and employee information.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Apex Laboratory)

[adrotate banner=”5″]

[adrotate banner=”13″]