Hackers steal 1.6 million patient records in major healthcare breach

Healthcare information breaches are communal for 2 main reasons. Healthcare organizations are casual targets owed to mediocre cybersecurity practices, and the information they store is highly valuable. Bad actors tin often request and person immoderate ransom they privation for the stolen information. 

In 2025 alone, determination person already been fractional a twelve information breaches affecting healthcare institutions. 

The latest summation to this database involves a U.S.-based laboratory investigating provider. Laboratory Services Cooperative (LSC) has released a connection confirming it suffered a information breach successful which hackers stole delicate accusation belonging to astir 1.6 cardinal individuals from its systems.

STAY PROTECTED & INFORMED! GET SECURITY ALERTS & EXPERT TECH TIPS – SIGN UP FOR KURT’S ‘THE CYBERGUY REPORT’ NOW

A doc looking astatine information connected his smartphone (Kurt "CyberGuy" Knutsson)

What you request to know

In October 2024, LSC, a nonprofit providing laboratory investigating services to reproductive wellness clinics similar Planned Parenthood crossed 31 U.S. states, was deed with a significant data breach. On Oct. 27, a menace histrion gained unauthorized entree to LSC’s network, stealing delicate idiosyncratic and aesculapian accusation belonging to astir 1.6 cardinal individuals, including patients and workers. 

The breach was discovered the aforesaid day, but LSC notified affected individuals starting April 10, 2025, aft completing a information reappraisal by February 2025, according to a notice shared by the nonprofit. 

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

The stolen information varies by idiosyncratic but whitethorn see a wide scope of delicate information. This includes idiosyncratic details specified arsenic names, addresses, emails, telephone numbers, Social Security numbers, driver’s licence oregon authorities ID numbers, passport numbers and dates of birth. 

Medical accusation whitethorn besides person been compromised, including dates of service, diagnoses, treatments, laboratory results, aesculapian records, diligent numbers, supplier names and attraction installation details. Plus, fiscal accusation specified arsenic billing details, slope relationship numbers, routing numbers, outgo paper details and assertion numbers whitethorn person been exposed. The breach could besides impact insurance-related data, including wellness security program types, insurer details and subordinate oregon radical ID numbers.

A healthcare worker moving connected her laptop (Kurt "CyberGuy" Knutsson)

200 MILLION SOCIAL MEDIA RECORDS LEAKED IN MAJOR X DATA BREACH

The interaction of the information breach

The LSC information breach affected individuals crossed aggregate states, including much than 1,800 Mainers, and progressive prime Planned Parenthood centers successful regions similar Alaska, Hawaii, Idaho, Indiana, Kentucky, Washington and perchance Texas, Massachusetts and California. The breach raises important risks of individuality theft, fiscal fraud and misuse of aesculapian information, specified arsenic opening fraudulent accounts oregon accessing healthcare services nether stolen identities.

LSC is offering escaped recognition monitoring and aesculapian individuality extortion services for 12 oregon 24 months, depending connected authorities requirements, with an enrollment deadline of July 14, 2025. A abstracted work is disposable for affected minors.

The nonprofit said connected its website, "The information of accusation maintained by LSC remains a apical priority. Following this incident, LSC implemented respective measures to further heighten the information of its environment. These measures see conducting a caller and updated hazard investigation to enactment vigilant against ongoing threats, performing further vulnerability investigating and penetration testing, and providing further information grooming for employees."

LSC has established a dedicated toll-free telephone halfway for individuals to telephone with further questions oregon concerns relating to this incident. The telephone halfway tin beryllium reached astatine 1-855-549-2662, disposable Monday done Friday from 9 a.m. to 9 p.m. ET.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

A hacker astatine work (Kurt "CyberGuy" Knutsson)

MALWARE EXPOSES 3.9 BILLION PASSWORDS IN HUGE CYBERSECURITY THREAT

11 ways to support yourself aft the LSC information breach

If you deliberation you were affected oregon conscionable privation to beryllium cautious, present are 11 steps you tin instrumentality close present to enactment harmless from the LSC information breach.

1. Watch retired for phishing scams and usage beardown antivirus software: With entree to your email, telephone fig oregon adjacent laboratory records, attackers tin trade convincing phishing emails pretending to beryllium from healthcare providers oregon banks. These emails mightiness see malicious links designed to instal malware oregon bargain login information. To support yourself, usage a beardown antivirus program. Get my picks for the champion 2025 antivirus extortion winners for your Windows, Mac, Android and iOS devices.

2. Scrub your information from the net utilizing a idiosyncratic information removal service: The much exposed your idiosyncratic accusation is online, the easier it is for scammers to usage it against you. Following the LSC breach, see removing your accusation from nationalist databases and people-search sites. Check retired my apical picks for information removal services here.

3. Safeguard against individuality theft and usage individuality theft protection: Hackers present person entree to high-value accusation from the LSC breach, including Social Security numbers, security info and adjacent aesculapian IDs. This makes you a premier people for individuality theft. They tin besides assistance you successful freezing your slope and recognition paper accounts to forestall further unauthorized usage by criminals. Signing up for individuality theft extortion gives you 24/7 monitoring, alerts for antithetic enactment and enactment if your individuality is stolen. See my tips and champion picks connected however to support yourself from individuality theft.

4. Set up fraud alerts: Requesting fraud alerts notifies creditors that they request other verification earlier issuing recognition successful your name. You tin petition fraud alerts done immoderate 1 of the 3 large recognition bureaus; they’ll notify the others. This adds different furniture of extortion without wholly freezing entree to credit.

5. Keep tabs connected your aesculapian records: The LSC breach included laboratory results, diagnoses and attraction data, making aesculapian individuality theft a increasing concern. Someone could usage your info to get attraction oregon prescriptions nether your name. Regularly reappraisal your aesculapian records and security claims. If thing looks off, study it to your supplier oregon insurer immediately. 

6. Watch retired for suspicious snail mail: After the LSC information breach, attackers whitethorn usage your stolen accusation to nonstop official-looking letters by post, posing arsenic healthcare providers, insurers oregon adjacent authorities agencies. These letters mightiness inquire you to telephone a number, sojourn a website oregon supply further idiosyncratic information. Just due to the fact that it arrives successful your mailbox doesn’t mean it’s trustworthy. Always verify the root by looking up interaction details independently and debar responding straight to unsolicited message asking for delicate information.

7. Use multifactor authentication (MFA): Enable MFA connected each captious accounts similar email, banking apps and healthcare portals. Look successful relationship settings nether "security" oregon "login options" to activate it. MFA ensures that adjacent if hackers person your password, they’ll request different verification method (like a substance code) earlier accessing your account.

8. Monitor your recognition reports: Check your recognition reports regularly through AnnualCreditReport.com, wherever you tin entree escaped reports from each bureau erstwhile per year, oregon much often if you're acrophobic astir fraud. Spotting unauthorized accounts aboriginal tin forestall larger fiscal damage.

9. Change passwords and usage a password manager: Update passwords connected immoderate accounts tied to compromised data. Use unsocial passwords that are hard to conjecture and fto a password manager bash the dense lifting by generating unafraid ones for you. Reused passwords are an casual people aft breaches. Consider password managers for convenience and security. Get much details astir my champion expert-reviewed password managers of 2025 here.

10. Be wary of societal engineering attacks: Hackers whitethorn usage stolen details similar names oregon commencement dates from breaches successful telephone scams oregon fake lawsuit work calls designed to instrumentality you into revealing much delicate info. Never stock idiosyncratic details implicit unsolicited calls oregon emails. Social engineering attacks trust connected trust, and vigilance is key.

11. Secure your online accounts: Review information settings crossed each important accounts (email, especially). Update betterment options similar backup emails oregon telephone numbers and log retired of devices you don’t recognize. Compromised accounts tin pb hackers consecutive into different parts of your integer life.

By pursuing these steps, you’ll beryllium taking broad enactment against imaginable threats stemming from the LSC information breach. 

HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET

Kurt's cardinal takeaway

The LSC breach isn’t conscionable different headline. It’s a superior reminder of however exposed we truly are. When personal, aesculapian and fiscal accusation is stolen, the consequences are contiguous and agelong term. Identity theft, fraudulent transactions and misuse of wellness information are each precise existent risks. If your accusation whitethorn person been affected, enactment now. Review your records, frost your recognition and beryllium vigilant.

If hospitals and labs can’t support diligent data, should they beryllium allowed to cod truthful overmuch of it? Let america cognize by penning america at Cyberguy.com/Contact.

CLICK HERE TO GET THE FOX NEWS APP

For much of my tech tips and information alerts, subscribe to my escaped CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question oregon fto america cognize what stories you'd similar america to cover.

Follow Kurt connected his societal channels:

• Facebook
• YouTube
• Instagram

Answers to the most-asked CyberGuy questions:

• What is the champion mode to support your Mac, Windows, iPhone and Android devices from getting hacked?
• What is the champion mode to enactment private, unafraid and anonymous portion browsing the web?
• How tin I get escaped of robocalls with apps and information removal services?
• How bash I region my backstage information from the internet?

New from Kurt:

• Try CyberGuy's caller games (crosswords, connection searches, trivia and more!)
• CyberGuy's exclusive coupons and deals

Copyright 2025 CyberGuy.com. All rights reserved.