SoylentNews is people
SoylentNews
Submitted via IRC for BoyceMagooglyMonkey
LabCorp, the US' biggest blood testing laboratories network, announced on Monday that hackers breached its IT network over the weekend.
"At this time, there is no evidence of unauthorized transfer or misuse of data," the company said. "LabCorp has notified the relevant authorities of the suspicious activity and will cooperate in any investigation."
[...] "LabCorp made the wise decision to shut down their entire network while determining the extent of the breach," Kothari added, suggesting that the hacker(s) could have very easily propagated through this interconnected network to reach other organizations.
Healthcare organizations are often the targets of hackers mainly due to the highly sensitive data they work with, which is worth more when crooks sell it online, rather than classic username-email-password combos.
Source: Hackers Breach Network of LabCorp, US' Biggest Blood Testing Laboratories
(Score: 0) by Anonymous Coward on Thursday July 19 2018, @03:25AM (4 children)
They got that far in that you were worried about other organizations being breached, which means they had the capability to launch attacks from your network, and there is no evidence of unauthorized transfer?
Are you kidding me?
(Score: 3, Insightful) by Subsentient on Thursday July 19 2018, @04:01AM (2 children)
The thing is, you don't necessarily need to leave logs if you copy files, even to a remote target. In fact, usually you don't. Something like ssh/sftp might, but there's lots of other ways to send data over a network that won't end up in any system logs.
I'd bet money that they stole a substantial amount of data.
"It is no measure of health to be well adjusted to a profoundly sick society." -Jiddu Krishnamurti
(Score: 0) by Anonymous Coward on Thursday July 19 2018, @04:11AM
I wonder if someone is interested in who may have narcotics in their house? Or any other exotic drugs? Or who has O+ blood?
(Score: 3, Informative) by pendorbound on Thursday July 19 2018, @04:25PM
Most HIPAA compliant shops will have full logging of packet counts/sizes at their firewall. They won't see the equivalent of file paths like you might from file transfer software logs, but they'll definitely be able to confirm the size of any data exfiltrated from their network. Tricks like tunneling through ICMP or DNS requests or through any kind of encrypted tunnel don't sneak under the radar when you're logging every TCP frame sent or received.
You may or may not be able to tell "what," but "how much" should be a no-brainer. Significant deviations from normal traffic patterns should be sufficient to raise an alert even absent any other indication of intrusion.
(Score: 2) by HiThere on Thursday July 19 2018, @05:24PM
You don't know what it was penetrated by. It could have been one of those "encrypt all the data and offer to decrypt it" jobs. It may not have been a targeted attack, just a "vicious in some way" attack that wanted to spread. Another question is "How did they notice that they were infected?" Some attacks are multi-stage, during the first phase it tries to be unobtrusive and contagious, then in a later stage it does the damage.
And, of course, the spokesman might not have full knowledge of what the investigators had found. So it may well be a reasonable statement.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.