OraSure discloses cybersecurity breach | LabPulse.com
In a filing with the U.S. Securities and Exchange Commission (SEC), the diagnostics firm said that “on or about March 27, 2024,” it became aware of a cybersecurity breach in which an unauthorized third party gained access to its data through “certain information systems.”
OraSure initiated response protocols, began an investigation with cybersecurity experts and external counsel, and notified law enforcement, it said. The company believes the incident was contained and the integrity of its core financial and operational systems preserved.
The firm noted that while certain files had been exfiltrated, the incident had no material impact on its operations, financial systems, or financial condition, and the company did not anticipate any future material impact on its “financial condition and results of operations.”
OraSure is still investigating the extent of any sensitive information contained within the breached systems, including any personal information, according to the filing.
The company said that, based on the findings of its investigation, it will issue any regulatory and legal notifications required as a result of this incident.