HQ/EMEAFind out how we can help your business
LSC has announced that it experienced a data breach involving hackers who compromised the sensitive information of about 1.6 million people from its systems.
The Laboratory Services Cooperative is a nonprofit organisation based in Seattle that provides centralised laboratory services to its member affiliates, including specific Planned Parenthood centres.
It is vital within its field to assist organisations in reproductive health across over 35 U.S. states and manage sensitive lab testing, billing, and personal information.
LSC addressed last year’s cybersecurity incident that resulted in a purported data theft.
LSC issued a statement earlier this week regarding a security incident caused by a threat actor who breached its networks in October last year.
According to the notice, the organisation allegedly detected suspicious activity in its network in the same month. In response, it promptly enlisted the help of a third-party provider to assess the incident’s nature and impact and notified relevant authorities.
The investigation found that an unauthorised third party accessed parts of the entity’s network and retrieved specific files belonging to it. Each individual’s exposed data can vary and may include one or more of the following types: personal identifiers, medical information, insurance details, and billing and financial records.
A filing submitted to the Maine AG Office indicates that the data breach affects 1,600,000 individuals. Those primarily impacted are individuals who underwent lab tests at selected Planned Parenthood centres utilising LSC for their testing services.
Although the organisation can identify the affected centres, it cannot confirm individual impacts for privacy reasons.
LSC reports that the investigation into the security incident is still ongoing. External providers are also monitoring the dark web for any data leaks related to the breach. As of now, no exposure has been found on dark web markets, forums, or extortion platforms.
Individuals affected are encouraged to take advantage of the free credit monitoring and medical identity protection services the organisation provides for 12 or 24 months, depending on their state.
However, the enrollment deadline for this provision will only be valid until July 14, 2025.
