SYNLAB Italia, a provider of medical diagnostic services has temporarily halted its healthcare services across Italy after experiencing a cyber incident. The healthcare diagnostics entity stated the SYNLAB Italia cyber-incident occurred during the early hours of 18th April and that it had become aware of the incident at 07.00 CET (Central European Time).
Following the SYNLAB Italia cyber-incident, the IT department took action to block the entire company infrastructure from accessing the affected network while shutting down all machines in accordance with the company’s security guidelines.
SYNLAB Italia is part of SYNLAB Group, which was founded by a loose association of German physicians. The group claims a presence in over 30 countries, with a staffing of over 28,000 employees and claims to conduct approximately 600 million tests every year.
Firm Halts Operations After SYNLAB Italia Cyber-incident
After becoming aware of the SYNLAB Italia cyber-incident, the healthcare facilitator established a task force consisting of internal and external professionals who took action to mitigate potential impact stemming from the attack while focusing on restoring critical services as early as possible.
SYNLAB then moved to secure biological samples that had already been collected and subsequently restored patient services such as specialist outpatient visits and physiotherapy. Upon visiting SYNLAB Italia’s site, visitors are prompted with links to visit either a patient service or customer service updates page.
The patient page provides details about regional availability, outpatient services, regional center emergency numbers while informing patients about the services that remain suspended. The Customer and Business services page provides visitors with details about the cyberattack, alternative emergency numbers
SYNLAB stated that its task force is investigating every aspect of its IT infrastructure as well as its backup systems to restore its systems as soon as possible. The company stated that it had filed a complaint with the Postal Police, and has followed procedure for issuing a preliminary notification to the Guarantor Authority for the Protection of Personal Data.
SYNLAB has apologized to its patients for the incident and stated that it had made available dedicated telephone and social channels for managing patient requests and information in the interim as some of its services and official email system remained down.
The company stated that it would update patients, customers and the public on updates through its official website and social media channels while stating that it is working on limiting customer inconvenience and providing necessary support.
Medical Data at Risk in SYNLAB Italia Cyber-incident
The healthcare provider stated that although the investigation is ongoing and the full extent of compromised data hasn’t been confirmed, it acknowledged the potential exposure of sensitive medical data.
Moreover, SYNLAB Italia affirmed its adherence to GDPR regulations when addressing concerns regarding potential data exposure. It pledged to restore systems as readily as possible while implementing necessary measures aimed at secure resumption of services on an urgent basis.
The company confirmed that it had issued emails communicating the incident to some of its patients through an external provider not impacted by the attack.
The Cyber Express has reached out to SYNLAB Italia for further details regarding the attack, but no response has been received yet. No threat actor group or individual has been observed claiming responsibility for the attack so far.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
