One of Canada’s largest medical services companies revealed that millions of customers had their personal information stolen in a data breach in late October.
Hackers may have obtained addresses, passwords, dates of birth, and health card numbers of 15 million LifeLabs customers. The private records weren’t removed from the system, but the company confirmed that third parties managed to access and duplicate customer data.
According to LifeLabs, measures were taken to secure the data, which included a ransom payment. But experts have warned that there is no way to guarantee the data won’t show up elsewhere.
Company CEO Charles Brown apologized for the breach, which was initially discovered in late October.
“I want to say I am sorry that this happened. As we manage through this issue, my team and I remain focused on the best interests of our customers. You entrust us with important health information, and we take that responsibility very seriously,” Brown said.
The breach is being investigated by authorities while LifeLabs is offering assurances to customers that it managed to fix security system flaws that made the hack possible.