LifeLabs Faces Lawsuits After Data Breach

Most Countries without Cybersecurity Strategy

January 3, 2020

LifeLabs, the largest provider of specialty laboratory testing services in Canada, recently identified a cyber-attack that involved unauthorized access to their computer systems that possibly affects 15 million customers.

According to a news report, LifeLabs is now facing two class action lawsuits by both British Columbia (BC) and Ontario due to the company's data breach. The claim filed in Ontario Superior Court on December 27 accuses LifeLabs of negligence, breach of contract and violating their customers’ confidence as well as privacy and consumer protection laws. The other claim filed in BC Supreme Court notes that the company lacked “adequate security” and “adequate training for employees” ahead of the attack, and that LifeLabs should have informed customers sooner after the incident.

The report says that BC Health Minister Adrian Dix previously stated that LifeLabs had requested some time before it could disclose the breach to the public because the company first wanted to ensure that its systems were secure from secondary attacks.

In addition, while yet to be certified, the Ontario class action may be asking for more than $1.13 billion in compensation for clients, says the report.

With the advent of Internet of Things (IoT) technology and Industrial Internet of Things (IIoT), the cyber security practices are increasingly getting integrated with the physical security practices.

We will provide insight on NDAA Section 889 and how the act has evolved and impacted business, so that organizations can better mitigate risk and stay compliant.