A hacker attack has struck Synlab Italy. The operations of the known diagnostic service provider healthcare are blocked. Initially the company had attributed the service interruption to general technical problems.
However, “although it is premature to express opinions,” he comments Pierluigi Paganini, cyber security analyst and CEO Cybhorus, “the company’s statement reveals a worrying situation”. Especially because sensitive patient data would have been compromised.
Synlab Italia under hacker attack: the hypotheses
In an initial phase, the medical diagnostics supply company announced “the temporary interruption of access to computer and telephone systems and related services”. Then, he issued a statement denouncing it the attack in progressexplaining that they had disabled, as a precaution, all company systems in Italy.
“The interruption of all services and the inability to provide estimates on the restoration of operations suggest a malware infection. This could be a ransomware attack“, warns Paganini.
“From the data that is collected by the Ransomfeed platform that I manage,” he comments Dario Fadda Infosec researcher and founder of Ransomfeed, “the name of Synlab for now appears only in its French team which last June seems to have been the victim of a ransomware attack by the Clop cyber gang”. Fadda continues, “this attack was part of the chain of weaknesses inflicted during the exploitation of the significant MoveIT vulnerability“.
“For the moment we have no criminal claims of an Italian ransomware attack, but it is possible that it could be a very similar topic,” concludes Fadda.
In fact, the company appears to be isolating the systems to contain the incident and the possible propagation of a cyber threat, mitigating the most disruptive effects of the attack.
As the press office of SYNLAB Italia, we inform you that with reference to the hacker attack suffered by the company in the last few hours, all updates and service information for citizens will be periodically published by SYNLAB on the national website
Health data at risk of breach
In the meantime, the company has suspended, until further announcements, all activities in the national territory, at medical centers, sampling points and laboratories.
THE patients report on social media that they cannot receive the results of diagnostic tests urgent. But legitimate patient discomfort is not the biggest risk. In fact, “the nature of the data managed by the company and the potential impact on users if there was one is of particular concern a data breach“, concludes Paganini: “We must wait for more details on the accident to have a clearer picture of what happened and provide unquestionable technical opinions”.
The company has already started an investigation into the accident, also with the support of external technicians, and in the meantime is trying to limit the damage. But the accident may have compromised the data.
Synlab is updating on the ongoing attack.
Tags: Attack Synlab Italia breach patient data
