Top US lab testing firm hit with major data leak, exposes health info on 1.6 million users
LSC confirms data breach in a press release.
- Laboratory Services Cooperative confirmed suffering a data breach in October 2024
- An investigation uncovered that the crooks stole sensitive data
- The information has not yet surfaced on the dark web
Laboratory Services Cooperative (LSC), a significant US-based laboratory for healthcare providers, has revealed it suffered a data breach and lost some member information.
In a press release published on its, LSC said it identified “suspicious activity” within its network on October 27, 2024. It notified the police and brought in third-party cybersecurity experts to analyze the incident and assess its effects.
The investigation concluded in February 2025, and showed that “certain LSC patient and worker-related data might be affected.”
Monitor your credit score with TransUnion starting at $29.95/month
TransUnion is a credit monitoring service that helps you stay on top of your financial health. With real-time alerts, credit score tracking, and identity theft protection, it ensures you never miss important changes. You'll benefit from a customizable online interface with clear insights into your credit profile. Businesses also benefit from TransUnion’s advanced risk assessment tools.
Preferred partner (What does this mean?)View Deal
Payment info stolen
According to BleepingComputer, roughly 1.6 million people are affected. The stolen data has not yet leaked online, and no one claimed responsibility just yet.
The data stolen varies from case to case, LSC says, adding that it may include contact details (names, addresses, phone numbers, emails), as well as medical and clinical information (date(s) of service, diagnoses, treatment, medical record number, lab results, patient/accession number, provider name, treatment location, and related-care details), health insurance information (plan name, plan type, insurance companies, and member/group ID numbers), and most worrisome - billing claims and payment data.
The data could also include claim numbers, billing details, bank account details (bank name, account number, routing number), billing codes, payment card details, balance details, and similar banking and financial information.
Furthermore, crooks may have taken people’s Social Security numbers, driver’s license or state ID numbers, passport numbers, dates of birth, demographic data, student ID numbers, and other forms of government identifiers.
“For LSC workers, the information involved may also include details about their dependents or beneficiaries if that information was provided to LSC,” the press release reads.
LSC acts as a cooperative, meaning it's owned and governed by its member physicians and clinics. The breach mostly affects people who did tests through some Planned Parenthood centers that use LSC for their testing, it was said.
You might also like
- Thousands of healthcare records exposed online, including private patient information
- Take a look at our guide to the best authenticator app
- We've rounded up the best password managers
![How to Find Low-Competition Keywords with Semrush [Super Easy]](https://static.semrush.com/blog/uploads/media/73/62/7362f16fb9e460b6d58ccc09b4a048b6/how-to-find-low-competition-keywords-sm.png)
