The laboratory, which has been operating since 1997 and is based in Farmingdale of New York, provides medical testing services to hundreds of home health services and thousands of physicians in New York and South Florida.
On July 25, 2020, Apex Laboratory discovered that it had fallen victim a cyber attack that resulted in certain files and systems not be accessible. Access to network was restored along with the affected data and the company resumed normal operations on 27 July.
The company also hired an expert to further investigate the attack. The investigation found no evidence of unauthorized access or access to patient information, and the Apex Laboratory did not initially disclose the incident.
However, last month cybercriminals behind the attack, who had managed to steal "personal and health information for some patients", published it in Internet on their blog. Information believed to have been obtained includes patients' names, dates of birth, test results, and for some individuals, social security numbers and telephone numbers. So the company was forced to announce the incident.
Apex Laboratory has not yet revealed how many patients were affected by the incident, but said the stolen information could have been gathered over a four-day period.
"It is believed that this information may have been obtained from Apex systems between July 21 and July 25, 2020."
Η announcement "On July 25, 2020, the Apex Laboratory of Farmingdale, NY ('Apex') discovered that it had been the target of a cyber attack and that certain systems in its environment were encrypted and inaccessible."
The announcement suggests that it is ransomware attack, however, did not say he paid a ransom to the attackers. Of course, the rapid recovery of affected data and the removal of stolen data from his blog hacker indicates possible communication and settlement of the issue.