Saskatchewan’s privacy commissioner is investigating the data breach at Lifelabs.
The company was the victim of a cyberattack affecting approximately 15 million customers across Canada.
Ronald Kruzeniski said approximately 93,000 people in Saskatchewan were affected by the privacy breach.
“They told us that the affected systems contain information of approximately 15 million LifeLab customers across Canada, including name, address, email, customer logins and passwords, health card numbers, and lab tests,” Kruzeniski said Thursday in a statement.
Kruzeniski said his office will examine the scope of the breach, the circumstances leading up to the cyberattack and what, if any, steps Lifelabs could have taken to prevent and contain the breach.
“My office will also investigate ways LifeLabs can help ensure the future security of personal information and avoid further attacks,” he said.
Kruzeniski said his staff will work with privacy commissioners in British Columbia and Ontario, which have also launched investigations.
LifeLabs is the largest provider of general diagnostic and specialty laboratory testing services in Canada.
- Posters promoting ‘Steal From Loblaws Day’ are circulating. How did we get here?
- Video shows Ontario police sharing Trudeau’s location with protester, investigation launched
- Canadian food banks are on the brink: ‘This is not a sustainable situation’
- Solar eclipse eye damage: More than 160 cases reported in Ontario, Quebec
The company has four core divisions: LifeLabs, LifeLabs Genetics, Rocky Mountain Analytical, and Excelleris.
“If you have visited a LifeLabs for a test or received a test/service from LifeLabs Genetics and Rocky Mountain Analytical, then it is likely your information is in LifeLabs database,” Kruzeniski said.
In a letter to customers, president and CEO Charles Brown apologized for the security breach.
“I want to emphasize that at this time, our cyber security firms have advised that the risk to our customers in connection with this cyber-attack is low and that they have not seen any public disclosure of customer data as part of their investigations, including monitoring of the dark web and other online locations,” he said.
Brown added that system issues related to the breach have been fixed, and Tuesday’s announcement is “in the interest of transparency.”
Kruzeniski said Lifelabs has set up a dedicated phone line (1-888-918-0467) and posted information on its website for those affected by the privacy breach.
Those wishing to file a complaint can contact Saskatchewan’s privacy commissioner at 306-787-0488 or 1-877-748-2298.
—With files from Maham Abedi
Comments