Synopsis of the Attack
Ambry Genetics — a California-based genetic testing lab — revealed back in April of 2020 that an email security breach had potentially compromised sensitive information pertaining to hundreds of thousands of patients. It was reported that hackers gained access to protected health information (PHI), personally identifiable information (PII), and other identifiers through an employee’s email account. Earlier that year, Ambry’s security team noticed unauthorized access to one of their employee’s email accounts and immediately initiated an investigation into the incident. While the company found no conclusive evidence of misuse and was unable to determine whether there was an unauthorized access to any particular information from the email account, it did not rule out the exposure of customers’ personal information. As a proactive measure, the company offered its customers free identity monitoring services to affected individuals and reassures customers of the necessary steps taken to avoid any future incidents. However, the affected patients took legal action against Ambry, arguing the company failed in its duty to protect their information. Even though the company did not admit any wrongdoing, the leadership agreed to over $12 million class action settlement with over two hundred thousand patients who were impacted to address the allegation.
What to Expect
Our team can be trusted to defend your organization by helping you provide a multi-layered set of mitigations to improve your organization’s resilience against phishing attacks while minimizing disruptions to business operations. Our cybersecurity trusted advisors are available to help provide the necessary visibility across your entire network infrastructure and thus allowing for proactive threat detection and improved incident identification, robust investigation, and rapid resolution. Additionally, our subject matter experts will help and guide your team to implement cost-saving measures to proactively identify, mitigate, and remediate security threats and potential attacks. In other words, the knowledge gained can be used to inform decisions regarding the enforcement of policy and best practices to stay protected against future attacks to a large extent. Don’t wait! We know that the threat landscape keeps evolving with new attack vectors and attack techniques, giving you even more reasons to evaluate your current cybersecurity solutions.
Response, Impact, Root Cause Analysis, and Lessons Learned
Want to discuss the response, real impact, root cause analysis, and lessons learned from this attack, and count on us to have the discussion tailored to your needs? Then make a decision now! The team of cybersecurity experts from AbriteLogic Solutions is available to offer a FREE half-hour consultation to discuss the relevant details along with the security implications it may have on your organization.