Skip to content
Tech News
← Back to articles

Abbott Laboratories probes two cyber incidents amid extortion claims

read original more articles
Why This Matters

Abbott Laboratories is currently investigating two cybersecurity incidents involving unauthorized access to its internal systems, highlighting ongoing vulnerabilities in corporate cybersecurity defenses. These incidents underscore the importance for companies to strengthen their security measures against targeted attacks and data breaches, which can have significant implications for consumer trust and operational integrity.

Key Takeaways

Abbott Laboratories is investigating two separate cybersecurity incidents after confirming unauthorized access to internal legacy Exact Sciences systems in its Cancer Diagnostics business, while also investigating a separate claim that attackers breached its LabCentral portal and stole company data.

The company confirmed the Cancer Diagnostics incident after the ShinyHunters extortion gang added Abbott to its data leak site, initially threatening to publish allegedly stolen data after July 18 unless the company negotiated with the group, before later extending the deadline to July 21.

Abbott's Exact Sciences is listed on ShinyHunters extortion site

Source: BleepingComputer

When BleepingComputer asked Abbott whether the ShinyHunters listing and a separate LabCentral breach claim were connected, Abbott directed BleepingComputer to a statement published on its website regarding the Cancer Diagnostics incident.

"Abbott is investigating a cyber incident in which there was unauthorized access to a limited number of internal systems in our Cancer Diagnostics business only," the company said.

"This does not impact any business operations, product or product availability, manufacturing or lab operations, or our ability to serve patients."

Abbott added that the security incident has not impacted any other Abbott businesses or systems, and said the legacy Exact Sciences systems are separate from Abbott's.

The company said it activated its incident response procedures after it learned of the incident, engaged cybersecurity experts, and notified law enforcement.

Abbott also stated that it does not expect the incident to have a material impact on its business or financial results.

... continue reading