The hacker attack last April against the computer systems of Synlab Italy, a European network for the provision of medical diagnostic services, had a decidedly unhappy epilogue. According to what was communicated by Synlab Italia, in fact, some information was illicitly stolen from its IT systems, including documents and personal data of patients, they were published in areas of the dark web.
The hacker attack, we recall, was carried out on April 19th making Synlab Italia’s IT systems completely inaccessible throughout the national territory preventing users from making reservations or downloading medical reports. As a precaution, in fact, as soon as the attack was identified and in accordance with company IT security procedures, Synlab Italia had immediately deactivated all computer systems and established a task force “in collaboration with the relevant authorities”.
DATA COLLECTED FROM PATIENTS AND CUSTOMERS
In the hours following the attack, in order to continue its work, Synlab Italia had informed users that services in the Medical Centers were progressively recovering according to a very specific schedule and had invited users with more urgent requests to contact it privately via the chats of the its social channels. The day after the attack, Synlab Italia had confirmed that have begun the restoration of the IT systems continuing, at the same time, the analysis of the IT infrastructure to understand if and what data had been taken.
In a statement dated May 5, Synlab Italia confirmed that the cybercriminal organization was responsible for the cyber attack he claimed to have stolen, by making a copy, “a significant amount of data, including patient and customer data”, resulting in an increased risk of their spread in the future. As “proof” of what has been said, hackers they would have published it “a limited quantity” on the dark web.
DATA PUBLISHED ON THE DARK WEB
On May 13, again through a press release, Synlab Italia confirmed both the name of the cybercriminal organization responsible for the attack, “Black Basta”which the publication of documents and personal data in areas of the dark web.
At the same time, the company began to inform “the subjects involved in accordance with the law” also confirming
“that I have not undertaken any type of negotiation, nor even paid a ransom to the cybercriminal organization responsible for the attack” firmly rejecting “the idea of financing further future cybercriminal and criminal attacks that threaten critical infrastructures, the privacy of patients and national security.”
Today, through a new press release and through emails sent to patients, Synlab Italia confirmed that, following the publication of the data, it has “activated for the analysis and identification of the data subject to publication also making use of specialized suppliers in the sector”. Consider “the complexities in acquiring the entire dataset via the dark web”we read in the note, “the activity may take some time”.
The company also has further confirmed that among the published data there are also personal data relating to his patients and that, following the outcome of the analysis activity “the classification of the published data will follow in order to identify the interested parties, who at the current date are not individually identifiable”.
Synlab Italia, in addition to traditional communication channels, has established email [email protected] to facilitate communication with your patients. At the same time, it is continuing to collaborate with the competent investigative public authorities and has taken steps to further integrate the preliminary notifications to the Guarantor Authority for the Protection of Personal Data.
In the meantime, Synlab Italia also invites its users to pay maximum attention to each e-mail, SMS, message or phone call in which personal data is requested, carefully evaluating the reliability of the requester, and to update account passwords (email, social networks, forums, etc…) and, if the system allows it, to enable multi-factor authentication.
