OraSure Technologies Experiences “Cybersecurity Incident” and Investigates Possible Data Breach | Console and Associates, P.C.
On April 12, 2024, OraSure Technologies, Inc. (“OraSure”) filed a notice with the Securities and Exchange Commission after discovering that an unauthorized party was able to gain access to its computer network. In this notice, OraSure explains that the incident resulted in an unauthorized party being able to exfiltrate—or remove—certain files from the OraSure network and that the company is in the process of investigating what, if any, consumer data was among the leaked information. If OraSure confirms that any consumer data was compromised, it will be required to send out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you receive a data breach notification from OraSure Technologies, Inc., it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following a possible OraSure Technologies data breach. For more information, please see our recent piece on the topic here.
Was There an OraSure Technologies Data Breach?
It is too early to tell if there was an OraSure data breach, as the company only recently announced that it was the victim of a cyberattack. While more information is expected in the near future, OraSure’s filing with the Securities and Exchange Commission provides some important information on what led up to the incident.
According to this source, on March 27, 2024, OraSure learned that an unauthorized party had gained access to its computer network. In response, OraSure secured its network, notified law enforcement, and then began working with external cybersecurity experts to investigate the incident and determine what, if any, consumer information was leaked.
Ultimately, OraSure confirmed that the unauthorized party was able to remove certain files from its network.
After learning that company data was accessible to an unauthorized party, OraSure Technologies reviewed the compromised files to determine what information was leaked and whether consumers were impacted. OraSure is still in the process of reviewing the leaked information; however, hackers typically target companies for the specific purpose of obtaining confidential consumer data, which can later be used to commit identity theft or sold to other criminals on the Dark Web.
On April 12, 2024, OraSure Technologies notified the SEC. However, the company’s investigation is ongoing, and if OraSure confirms that consumer data was leaked, it will be required to send out data breach letters to anyone who was affected. If sent, these letters should provide victims with a list of what information belonging to them was compromised.
More Information About OraSure Technologies, Inc.
OraSure Technologies, Inc. is a healthcare manufacturing company based in Bethlehem, Pennsylvania. OraSure develops, manufactures, and distributes rapid diagnostic tests, sample collection devices, and molecular services solutions designed to discover and detect various medical conditions, such as COVID-19, HIV, Hepatitis C, and Ebola. OraSure operates several subsidiaries, including DNA Genotek, Diversigen, and Novosanis. OraSure Technologies employs more than 785 people and generates approximately $452 million in annual revenue.