B.C. and Ontario privacy commissioners are investigating a “cyberattack” on the database of LifeLabs, one of Canada’s largest providers of medical lab testing services.
The possible attack was reported by LifeLabs on Nov. 1, and made public Tuesday. The extent of the data breach has not been revealed, but it potentially affects 15 million customers, in a database that includes name, address, email, customer logins and passwords, health care numbers and lab test results.
“The breach of sensitive personal health information can be devastating to those who are affected,” said Michael McEvoy, information and privacy commissioner for B.C. “Our independent offices are committed to thoroughly investigating this breach. We will publicly report our findings and recommendations once our work is complete.”
LifeLabs has set up a web page and toll-free phone line (1-888-918-0467) for people affected by the data breach. One of the largest general diagnostic and specialty lab testing services, it has four main divisions: LifeLabs, LifeLabs Genetics, Rocky Mountain Analytical and Excelleris.
The coordinated investigation will examine the scope of the breach, the circumstances leading to it and what, if any measures Lifelabs could have taken to prevent and contain the breach.