Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Abbott Laboratories probes two cyber incidents amid extortion claims

    July 17, 2026

    Review of Departmental Implementation of the Avoiding Complicity in Mistreatment by Foreign Entities Act for 2023

    July 17, 2026

    Infosec News Nuggets — July 17, 2026 – AboutDFIR

    July 17, 2026
    Facebook X (Twitter) Instagram
    • Demos
    • Technology
    • Gaming
    • Buy Now
    Facebook X (Twitter) Instagram Pinterest Vimeo
    Canadian Cyber WatchCanadian Cyber Watch
    • Home
    • News
    • Alerts
    • Tips
    • Tools
    • Industry
    • Incidents
    • Events
    • Education
    Subscribe
    Canadian Cyber WatchCanadian Cyber Watch
    Home»News»Abbott Laboratories probes two cyber incidents amid extortion claims
    News

    Abbott Laboratories probes two cyber incidents amid extortion claims

    adminBy adminJuly 17, 2026No Comments4 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    Share
    Facebook Twitter LinkedIn Pinterest Email


    Abbott

    Abbott Laboratories is investigating two separate cybersecurity incidents after confirming unauthorized access to internal legacy Exact Sciences systems in its Cancer Diagnostics business, while also investigating a separate claim that attackers breached its LabCentral portal and stole company data.

    The company confirmed the Cancer Diagnostics incident after the ShinyHunters extortion gang added Abbott to its data leak site, initially threatening to publish allegedly stolen data after July 18 unless the company negotiated with the group, before later extending the deadline to July 21.

    Abbott's Exact Sciences is listed on ShinyHunters extortion site
    Abbott’s Exact Sciences is listed on ShinyHunters extortion site
    Source: BleepingComputer

    When BleepingComputer asked Abbott whether the ShinyHunters listing and a separate LabCentral breach claim were connected, Abbott said the incidents are unrelated and directed BleepingComputer to a statement published on its website regarding the Cancer Diagnostics incident.

    image

    “Abbott is investigating a cyber incident in which there was unauthorized access to a limited number of internal systems in our Cancer Diagnostics business only,” the company said. 

    “This does not impact any business operations, product or product availability, manufacturing or lab operations, or our ability to serve patients.”

    Abbott added that the security incident has not impacted any other Abbott businesses or systems, and said the legacy Exact Sciences systems are separate from Abbott’s.

    The company said it activated its incident response procedures after it learned of the incident, engaged cybersecurity experts, and notified law enforcement.

    Abbott also stated that it does not expect the incident to have a material impact on its business or financial results.

    ShinyHunters claimed to BleepingComputer that it gained access through a vishing attack targeting several Abbott employees in mid-June. According to the threat actor, the attack allowed it to compromise a Microsoft Entra single sign-on (SSO) account and gain access to internal systems.

    Since last year, the extortion group has been conducting social engineering campaigns that target employees’ Microsoft Entra, Okta, and Google SSO accounts.

    After gaining access to a corporate SSO account, the threat actors steal data from connected SaaS applications such as Salesforce, Microsoft 365, Google Workspace, SAP, Slack, Adobe, Atlassian, Zendesk, Dropbox, and many others.

    The extortion gang has been increasingly targeting medtech companies, including Medtronic, OneMedical, and AdaptHealth. BleepingComputer has learned that ShinyHunters was also behind the iRhythm data breach and targeted Stryker soon after the company recovered from a destructive Iranian data-wiping attack.

    When asked what data was allegedly stolen, ShinyHunters claimed it exfiltrated data from Microsoft Entra, ServiceNow, SharePoint, Databricks, and Coupa, including internal documents, contracts, and customer information.

    The threat actor further claimed to have stolen more than 30 million rows of customer personally identifiable information (PII) from multiple datasets containing names, email addresses, phone numbers, physical addresses, dates of birth, and more than one million Social Security numbers.

    The group also claimed to have stolen over 22 million client notes containing doctor-patient conversations, more than 20 million medical orders, and customer agreements and NDAs.

    BleepingComputer has not independently verified the threat actor’s claims regarding the stolen data.

    Alleged breach at LabCentral customer portal

    The second incident involves a threat actor known as ShadowByt3$, who contacted BleepingComputer claiming to have breached Abbott’s Core Laboratory diagnostics business through its LabCentral customer portal.

    The threat actor said it breached the unit via its LabCentral customer portal using compromised customer credentials after identifying what it described as a “weak point” in the environment.

    According to the threat actor, they gained access on July 4, 2026, after which they slowly exfiltrated files by targeting API endpoints. 

    ShadowByt3$ claims the stolen data includes CE manufacturing certificates, operation manuals, technical specifications, regulatory documentation, product requirement archives, calibrator value assignments, assay files, and other product documentation related to Abbott’s laboratory diagnostic systems.

    The group says no customer data was stolen, but claims it obtained sensitive business documents and intellectual property. It also provided BleepingComputer with screenshots and a file listing as purported proof of the intrusion. 

    Abbott confirmed to BleepingComputer that it is aware of the “potential” cyber incident but disputed the threat actor’s characterization of the data it claims to have stolen, stating that all data stored in the environment is public and not sensitive.

    “LabCentral is an externally facing third-party hosted portal used by Abbott’s core laboratory diagnostics business,” an Abbott spokesperson told BleepingComputer.

    “It houses publicly available technical product reference documents, including operating manuals, troubleshooting checklists and product specifications, and does not contain proprietary/sensitive customer or business information.”

    At this time, neither ShinyHunters nor ShadowByt3$ has publicly released data they claim to have stolen from Abbott.


    article image

    Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.

    The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

    Get the whitepaper



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleReview of Departmental Implementation of the Avoiding Complicity in Mistreatment by Foreign Entities Act for 2023
    admin
    • Website

    Related Posts

    News

    Review of Departmental Implementation of the Avoiding Complicity in Mistreatment by Foreign Entities Act for 2023

    July 17, 2026
    News

    Infosec News Nuggets — July 17, 2026 – AboutDFIR

    July 17, 2026
    News

    Review of Departmental Implementation of the Avoiding Complicity in Mistreatment by Foreign Entities Act for 2023: Backgrounder

    July 17, 2026
    Add A Comment

    Comments are closed.

    Demo
    Top Posts

    Catchy & Intriguing

    March 17, 202677 Views

    The Canadian Password Playbook: Navigating Compliance and Building Strong Passwords

    March 25, 202634 Views

    IP Address Investigations and Local OSINT

    March 20, 202634 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram
    Latest Reviews
    85
    Featured

    Pico 4 Review: Should You Actually Buy One Instead Of Quest 2?

    January 15, 2021 Featured
    8.1
    Uncategorized

    A Review of the Venus Optics Argus 18mm f/0.95 MFT APO Lens

    January 15, 2021 Uncategorized
    8.9
    Editor's Picks

    DJI Avata Review: Immersive FPV Flying For Drone Enthusiasts

    January 15, 2021 Editor's Picks

    Subscribe to Updates

    Get the latest tech news from FooBar about tech, design and biz.

    Demo
    Most Popular

    Catchy & Intriguing

    March 17, 202677 Views

    The Canadian Password Playbook: Navigating Compliance and Building Strong Passwords

    March 25, 202634 Views

    IP Address Investigations and Local OSINT

    March 20, 202634 Views
    Our Picks

    Abbott Laboratories probes two cyber incidents amid extortion claims

    July 17, 2026

    Review of Departmental Implementation of the Avoiding Complicity in Mistreatment by Foreign Entities Act for 2023

    July 17, 2026

    Infosec News Nuggets — July 17, 2026 – AboutDFIR

    July 17, 2026

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Facebook X (Twitter) Instagram Pinterest
    • Home
    • Technology
    • Gaming
    • Phones
    • Buy Now
    © 2026 ThemeSphere. Designed by ThemeSphere.

    Type above and press Enter to search. Press Esc to cancel.