Samsam infected thousands of LabCorp systems via brute force RDP
Steve Ragan reports:
LabCorp, one of the largest clinical labs in the U.S., said the Samsam ransomware attack that forced their systems offline was contained quickly and didn’t result in a data breach.
However, in the brief time between detection and mitigation, the ransomware was able to encrypt thousands of systems and several hundred production servers.
The wider public first learned about the LabCorp incident on Monday, when the company disclosed it via an 8-K filing with the SEC. Since then, as recovery efforts continue, the company said they’re at about 90-percent operational capacity.
Read more on CSO Online.