Jul 2018 – What’s up involving LabCorp Cyber Security incident ?

Headline News said a global laboratory company suspect encounter cyber attack this month (Jul 2018). LabCorp  a leading global life sciences company,  aim to provides diagnostic, drug development and technology-enabled solutions for more than 115 million patient encounters per year. As of today, we did not heard any official announce the details. However the news on article given hints to speculated the root cause. The company insider senior managers were informed that the entire computer network of LabCorp, a Fortune 500 company, was shut down across the US Sunday morning after hackers tried to access the private medical records of millions of people.

Regarding to this unconfirmed cyber attack incident, can you still remember CVE-2018-10593 and CVE-2018-10595. What if attacker hunt the staff from LabCorp go through phishing email or send malicious MS Word document. It luck to evade the antivirus and firewall IPS. Then conduct the design weakness of BD Kiestra system vulnerabilities (CVE-2018-10593 and CVE-2018-10595). It looks that one of the data breach scenario will be successful establish.

A VULNERABILITY FOUND IN BECTON DICKINSON DB MANAGER (CVE-2018-10593 AND CVE-2018-10595)

A vulnerability found in becton dickinson DB Manager (CVE-2018-10593 and CVE-2018-10595)

Headline News:

EXCLUSIVE: Hackers have breached the network at LabCorp – one of the largest diagnostic blood testing laboratories in the US – sparking fears of exposing MILLIONS of patients’ private medical records

http://www.dailymail.co.uk/news/article-5959021/LabCorp-blood-testing-labs-hacked-sparking-fears-exposing-MILLIONS-patients-records.html

FBI Aware Of ‘Reports Of Ransomware Attack’ Involving LabCorp Security Breach

https://www.wfmynews2.com/article/news/fbi-aware-of-reports-of-ransomware-attack-involving-labcorp-security-breach/83-574887499

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.