After LabCorp reported two cyberattacks in the past 12 months and lost value as a result, a shareholder has filed suit against the company, according to a HIPAA Journal report.
Five things to know:
1. Shareholder Raymond Eugenio filed a lawsuit on April 23 against the company in an effort to recover losses LabCorp sustained after its share value dropped due to the cyberattacks, as well as recoup other losses.
2. Mr. Eugenio alleges in the suit that LabCorp didn't have sufficient cybersecurity oversight, which allowed the breaches to happen. The suit also accuses the company of not having a "sufficient data breach response plan" and named the company as well as its CIO, CFO and director in the suit.
3. In 2019, LabCorp fell victim to a data breach at American Medical Collection Agency, which exposed 10.2 million patient records. In January 2020, there was another reported breach at LabCorp related to a website misconfiguration that exposed about 10,000 documents.
4. The AMCA data breach cost LabCorp $11.5 million, according to a Securities and Exchange Commission filing, but that number did not include total losses or the cost of subsequent litigation.
5. The lawsuit also calls for reformed corporate governance and internal procedures, and seeks a public acknowledgement of the 2020 breach by the company.