Paubox reports:
Several medical and diagnostic laboratories have been hit by ransomware in recent months, causing service outages and data breaches. Recent incidents include attacks on WPM Pathology Laboratory in Kansas, Accu Reference Medical Lab in New York, and Pacific Biolabs in California. These follow earlier attacks in May on Marlboro-Chesterfield Pathology in North Carolina and Molecular Testing Labs in Washington.
The attacks have led to delayed diagnoses, potential patient harm, and the exposure of protected health information. One of the most impactful attacks remains the June 2024 breach of UK-based Synnovis, which disrupted NHS blood testing services and cost over $38 million.
Going deeper
WPM Pathology detected unauthorized access to its systems on November 4, 2024. The breach involved sensitive patient data, including names, birth dates, medical record numbers, and Social Security numbers. Although its public notice did not explicitly mention ransomware, the attack has been linked to the Fog ransomware group.
Accu Reference Medical Lab in New York appears to have been targeted by the Qilin ransomware group, which claims to have exfiltrated patient data and posted screenshots as proof. The lab has not yet confirmed the incident. Notably, this is the second known ransomware event involving Accu Reference. In 2023, it was attacked by the Medusa group, which leaked stolen data after a ransom demand was unmet.
Read more at Paubox.
