Civil Claim Filed Against LifeLabs After Breach Revealed 15 Million Customers’ Personal Information

A civil claim has been filed against diagnostic testing service LifeLabs after a breach revealed 15 million customers’ personal information.

In a notice of civil claim filed in B.C. Supreme Court Wednesday, Kenneth Morrison argues LifeLabs breached the contract it signs with all customers to keep their private information secure and confidential, reads a new report from CBC.

Morrison, a retired Vancouver computer technician who has been a customer since 2014, claims the company “failed to treat privacy and security as its top priorities” and did not take proper care to protect the private information from a recent breach.

The lawsuit is open to any B.C. resident who was a customer of LifeLabs before December 17, 2019.

According to the report, hackers obtained the personal information of an unknown number of LifeLabs’ 15 million Canadian customers — based mostly in Ontario and British Columbia — including health card numbers, names, email addresses, login, passwords, and dates of birth.

LifeLabs reported the breach to the privacy commissioners of both Ontario and British Columbia, consulted with cybersecurity experts and retrieved the stolen data by paying the unidentified hackers an undisclosed ransom.

“LifeLabs recently identified a cyber-attack that involved unauthorized access to our computer systems with customer information that could include name, address, email, login, passwords, date of birth, health card number and lab test results,” wrote Charles Brown, President and CEO of LifeLabs in an open letter to customers.

LifeLabs is Canada’s largest provider of diagnostic testing services, such as blood tests, genetic tests, heart monitoring and more.

“I’m sorry this happened and we’ll do everything we can to win back the confidence of our customers,” Brown told The Canadian Press, calling the incursion a sophisticated attack that is a wake-up call for the industry.

“Whether you’re a private company, a government, a hospital, we’re all seeing these attacks rise and there’s more and more of them and we’ve collectively got to do more to make sure all our customers feel secure.”