The medical diagnostic and testing services of Synlab Italia have been temporarily suspended due to a ransomware attack that has caused their IT systems to be taken offline.
Synlab Italia is a part of the Synlab group that is present in 30 countries worldwide. It has an impressive network of 380 labs and medical centers throughout Italy and generates around $426 million in annual revenue. With over 35 million analyses conducted every year, Synlab Italia is a major player in the medical industry.
On April 18, the company announced that they had experienced a security breach in the early hours of the morning. As soon as the IT department was alerted, they took immediate action by disconnecting the entire corporate infrastructure from the network and shutting down all the machines in accordance with the company’s IT security procedures.
While the company has not confirmed it, it is believed that some sensitive medical data may have been exposed to the cyber attackers.
Synlab Italia stated, “As Data Processor pursuant to art. 28 GDPR, we inform you that to date, we cannot exclude that this attack may concern the personal data referred to in the services provided to you and under your ownership of the treatment.”
In light of this incident, all laboratory analysis and sample collection services have been suspended until further notice. Customers are asked to contact Synlab via phone as their email communication services are currently inactive.
Any medical samples that were in Synlab’s possession at the time of the cyberattack but had not yet been analyzed are being kept in low-temperature conditions as required for each specific case. However, there is a possibility that customers may have to resubmit new samples depending on how long it will take to restore the company’s systems.
Over the weekend, the company released an update stating that they have begun to gradually reactivate some services, including specialist outpatient visits and physiotherapy.
Additionally, efforts are being made to eliminate any remaining malware from the IT infrastructure and to restore systems using backups.
The company stated, “In these hours, the SYNLAB task force is analyzing every single portion of the IT infrastructure, including backup systems, in order to safely restore the systems as soon as possible.”
At this time, there is no specified timeline for when services will be fully restored. Customers are advised to visit the company’s website or follow their social media channels for further updates.
As of now, no major ransomware gangs have claimed responsibility for the cyberattack on Synlab Italia.