According to sources, Summit Pathology Laboratories (a Medical organization in Colorado) was hit with a cyber attack. It was first reported on 2024-10-31.

If You're in Colorado, You're at Increased Risk

Specialized Cybersecurity for Critical Infrastructure

Manage your organization’s attack surface with SecuLore’s passive cyber threat detection.

  • Asset Discovery
  • Vulnerability Assessments
  • Risk Prioritization

  • 24/7 Active Threat Detection

  • Continuous Monitoring

Source 1  |  2024-10-31

Medusa Ransomware Hack of Pathology Lab Affects 1.8 Million

“Six months after an employee opened a phishing email sent by ransomware gang Medusa, a Colorado-based pathology laboratory is notifying more than 1.8 million patients that their sensitive information was compromised - one of the largest breaches reported by a medical testing lab to U.S. federal regulators to date. “

“The lab, Summit Pathology Laboratories, said IT systems affected by the incident contained demographic and healthcare information, including names, addresses, medical billing and insurance information, diagnoses, dates of birth, Social Security numbers, and financial information. “

“The incident began in April when an employee clicked open a malicious email attachment, despite staff being provided "a gazillion" warnings and training, attorney Ellen Stewart of law firm Spencer Fane, which is representing the lab in the incident, told Information Security Media Group. The company then detected suspicious activity in its IT environment. “

“Summit Pathology as of Thursday is already facing eight proposed federal class action lawsuits filed in the past week centering on the breach, which the company reported to the U.S. Department of Health and Human Services on Oct. 18 as a hacking incident involving a network server. “

Guarding Against Hacking

  • October 25, 2017

    Hackers Gone Wild: How Cybercriminals Impact 9-1-1 Systems

  • November 11, 2020

    4 Year Anniversary – Twitter TDoS Attack

  • October 14, 2020

    Incidents from the Trenches

  • July 8, 2020

    The Vicious Evolution of Cyber Attacks

Guarding Against Phishing

  • February 24, 2025

    Phishing Webinar: Inside the Hacker’s Toolbox

  • October 10, 2023

    Cybersecurity Awareness Month 2023: Key Takeaways

  • April 12, 2023

    Don’t Get Hooked: Avoiding the Phish

  • November 10, 2021

    Don’t Take the Bait: Phighting the Phish

Cybersecurity for Critical Infrastructure

SecuLore provides Managed Detection and Response (MDR) to protect our nation’s critical infrastructure from cyber threats. Our expertise is built on deep knowledge of 9-1-1 technology, cyberwarfare, and ethical hacking, ensuring the highest level of cybersecurity for public safety agencies.

  • 24/7 Vulnerability & Threat Monitoring

  • Automated & AI Threat Detection

  • Specialized Threat Intelligence

  • Proactive Threat Hunting

  • Incident Response & Remediation

  • Forensics & Root Cause Analysis