Healthcare data breaches are common for two main reasons. Healthcare organizations are simple targets due to insufficient cybersecurity practices, and the data they store is extremely valuable. Bad actors can request and receive the ransom needed for stolen information.
In 2025 alone, there have already been half a dozen data breaches affecting healthcare agencies.
The most recent additions to this list include U.S. lab test providers. Laboratory Services Cooperative (LSC) has issued a statement confirming that hackers have been subject to data breaches that have stole sensitive information belonging to approximately 1.6 million individuals from its system.
Be protected and provide information! Get security alerts and expert technical tips – Sign up for “The Cyberguy Report” in your cart now
Doctor looking at data on his smartphone (Kurt “Cyberguy” Knutsson)
What you need to know
In October 2024, LSC, a nonprofit that provides lab testing services to reproductive health clinics like Planned Parenthood in 31 states, suffered a significant data breaches. On October 27, the threat actor gained unauthorized access to the LSC network, stealing sensitive personal and medical information belonging to around 1.6 million individuals, including patients and workers.
The violation was found on the same day, but LSC notified affected individuals from April 10, 2025 after completing the data review by February 2025, according to a notice shared by the nonprofit.
What is Artificial Intelligence (AI)?
Stolen data may vary from person to person, but may contain a wide range of confidential information. This includes personal information such as your name, address, email, phone number, Social Security number, driver's license or state ID number, passport number, and date of birth.
Medical information may have also compromised, including services, diagnosis, treatment, lab results, medical records, patient numbers, provider names, and treatment facility details. Additionally, you may have publicly published financial information such as billing details, bank account number, routing number, payment card details, and billing number. Violations may include insurance-related data, such as the type of health insurance plan, insurance company details, and member or group ID numbers.
Medical employee working on a laptop (Kurt “Cyberguy” Knutsson)
200 million social media records have been leaked in major X data breaches
Impact of data breaches
The LSC data breaches affected individuals from multiple states, including over 1,800 Maine, and selected selected parent-child selection centers in areas such as Alaska, Hawaii, Idaho, Indiana, Kentucky, Washington, perhaps Texas, Massachusetts and California. This violation poses a serious risk of identity theft, financial fraud, and misuse of medical information. For example, access to health services under a stolen identity.
LSC offers free credit monitoring and medical identity protection services for 12 or 24 months, with a registration deadline of July 14, 2025, depending on state requirements. A different service is available to affected minors.
The nonprofit organization said on its website that “The security of information maintained by the LSC remains a top priority. Following this incident, the LSC has implemented several measures to further strengthen the security of its environment. These measures include conducting new, updated risk analysis to be vigilant against ongoing threats, carrying out additional vulnerability and penetration tests, and providing additional security training for employees.”
The LSC has established a dedicated toll-free call centre for individuals to make calls with additional questions or concerns related to the incident. The call centre will have access to 1-855-549-2662, available Monday through Friday from 9am to 9pm.
Click here to get your Fox business on the go
Hackers at work (Kurt “Cyberguy” Knutsson)
Malware reveals 3.9 billion passwords with huge cybersecurity threats
11 Ways to Protect Yourself After an LSC Data Breach
If you're affected or just want to be careful, here are 11 steps you can take right now to stay safe from an LSC data breaches.
1. Be careful of phishing scams and use powerful antivirus software. By accessing emails, phone numbers, or lab records, attackers can create confident phishing emails pretending to be from healthcare providers and banks. These emails may contain malicious links designed to steal malware and login information. To protect yourself, use a powerful anti-virus program. Get the best 2025 Antivirus Protection Winners picks for Windows, Mac, Android and iOS devices.
2. Scrub data from the Internet using Personal Data Deletion Services. The more personal information is published online, the easier it will be for scammers to use it against you. Following an LSC breach, consider removing information from public databases and talent search sites. Please see the top picks for data deletion services.
3. Protection against identity theft and protection of identity theft: Hackers now have access to valuable information from LSC breaches, such as Social Security Numbers, Insurance Information, and even medical IDs. This makes it a major target for identity theft. They can also help freeze bank and credit card accounts to prevent further fraudulent use by criminals. Sign up for identity theft protection and get 24/7 surveillance, alerts for unusual activity, and support in case your identity is stolen. Check out my tips and best choices on how to protect yourself from identity theft.
4. Set up fraud alerts: Requests for fraud alerts will notify creditors that additional verification is required before issuing credits to your name. You can request fraud alerts through one of the three major credit agencies. They will notify others. This adds another layer of protection without completely freezing access to your credits.
5. Monitor your medical records: LSC breach includes lab results, diagnosis and treatment data, raising concerns about increased theft of medical identification documents. Someone can use your information to get care and prescriptions in your name. Check your medical records and insurance claims regularly. If anything goes wrong, please report it to your provider or insurance company immediately.
6. Beware of suspicious snail mail: After an LSC data breaches, the attacker can use the stolen information to send officially visible letters in the mail, pretending to be a healthcare provider, insurance company or government agency. These letters may be asked to call numbers, visit the website, or provide additional personal information. Just because you arrive in your mailbox doesn't mean you can trust it. Search for contact details independently to always review the source and avoid directly responding to unsolicited emails seeking confidential information.
7.Use Multi-Factor Authentication (MFA): Enable MFA on all important accounts such as email, banking apps, healthcare portals and more. Look at your account settings under Security or Login Options to activate them. MFA ensures that even if a hacker has a password, another verification method (such as a text code) will be required before accessing your account.
8. Monitor your credit reports: Check your credit reports regularly through the annual Creditreport.com. Here you can access free reports from each station once or frequently if you are interested in scams. Discovering unauthorized accounts early can prevent greater financial damage.
9. Change your password and use the password manager: Update your password with an account tied to the compromised data. Use unique, unique passwords that are difficult to guess, and let the password manager generate a secure password and run a heavy password. Reused passwords are simple targets after violations. Consider a password manager for convenience and security. For more information about my best expert reviewed password managers of 2025, click here.
10. Beware of social engineering attacks: Hackers may use stolen details such as names and dates of birth from violations of phone fraud, or use fake customer service calls designed to reveal more sensitive information. Please do not share your personal information via unsolicited phone or email. Social engineering attacks rely on trust, and vigilance is important.
11. Secure your online accounts: Check your security settings across all important accounts (especially email). Update recovery options such as backup emails and phone numbers and log out of unrecognized devices. A compromised account can direct hackers to other parts of their digital life.
By following these steps, you will take comprehensive action against potential threats resulting from an LSC data breaches.
How to delete private data from the Internet
Important points of cart
An LSC violation is not just another heading. It's a serious reminder of how exposed we are. If personal, medical, or financial information is stolen, the outcome will be immediate and long-term. Identity theft, fraudulent transactions, and misuse of health data are all very real risks. If your information may have been affected, take action now. Check your records, freeze your credits and be vigilant.
Should hospitals or labs not be able to protect patient data, should they be allowed to collect much of it? Please let us know by writing to cyberguy.com/contact.
Click here to get the Fox News app
For more information about my tech tips and security alerts, head to cyberguy.com/newsletter and subscribe to our free Cyberguy Report newsletter.
Please ask Cart questions or tell us what stories you would like us to cover.
Follow your cart on his social channels:
Answers to the most accused Cyber Guy questions:
New from Cart:
Copyright 2025 cyberguy.com. Unauthorized reproduction is prohibited.
