Labcorp
Company Details
Linkedin ID:
labcorp
Website:
Employees number:
40,562
Number of followers:
745,320
NAICS:
62
Industry Type:
Homepage:
labcorp.com
IP Addresses:
0
Company ID:
LAB_8033794
Scan Status:
In-progress
Labcorp Company CyberSecurity Posture
labcorp.com
Clear and confident health care decisions begin with questions. At Labcorp, we’re constantly in pursuit of answers. As a global leader of innovative and comprehensive laboratory services, we help doctors, hospitals, pharmaceutical companies, researchers and patients make clear and confident decisions. We provide insights and advance science to improve health and improve lives through our unparalleled diagnostics and drug development laboratory capabilities. Our more than 60,000 employees serve clients in over 100 countries, worked on over 80% of the new drugs approved by the FDA in 2022 and performed more than 600 million tests for patients around the world. Learn more about Labcorp (NYSE: LH) at www.labcorp.com.
Labcorp A.I CyberSecurity Scoring
Labcorp Risk Score (AI oriented)Between 750 and 799
Labcorp
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Labcorp Global Score (TPRM)XXXX
Labcorp
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Labcorp Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
Laboratory Medicine Consultants, Ltd.
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The California Office of the Attorney General reported that Laboratory Medicine Consultants, Ltd. experienced a data breach involving its vendor, Retrieval Masters Creditors Bureau d/b/a American Medical Collection Agency (AMCA). The breach, discovered on May 15, 2019, potentially exposed patient names, addresses, phone numbers, dates of birth, service dates, balance information, and treatment provider information. The breach occurred on May 15, 2019, with prior incidents dated August 1, 2018, and March 30, 2019.
Labcorp
Ransomware
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: LabCorp, one of the largest clinical labs in the U.S., experienced Samsam ransomware attack. The ransomware was able to encrypt thousands of systems and several hundred production servers. The LabCorp SOC (Security Operation Center) immediately took action after that first system was encrypted, alerting IR teams and severing various links and connections. The quick actions neutralized the attack within 50 minutes. However, before the attack was fully contained, 7,000 systems and 1,900 servers were impacted. Of those 1,900 servers, 350 were production servers. Only Windows systems were impacted, nothing left the network during the attack, so the company is confident that there was no data breach.
Labcorp Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Labcorp
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for Labcorp in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Labcorp in 2025.
Incident Types Labcorp vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for Labcorp in 2025.
Incident History — Labcorp (X = Date, Y = Severity)
Labcorp cyber incidents detection timeline including parent company and subsidiaries
Labcorp Company Subsidiaries
Clear and confident health care decisions begin with questions. At Labcorp, we’re constantly in pursuit of answers. As a global leader of innovative and comprehensive laboratory services, we help doctors, hospitals, pharmaceutical companies, researchers and patients make clear and confident decisions. We provide insights and advance science to improve health and improve lives through our unparalleled diagnostics and drug development laboratory capabilities. Our more than 60,000 employees serve clients in over 100 countries, worked on over 80% of the new drugs approved by the FDA in 2022 and performed more than 600 million tests for patients around the world. Learn more about Labcorp (NYSE: LH) at www.labcorp.com.
Loading...
Labcorp Similar Companies
McKesson
Welcome to the official LinkedIn page for McKesson Corporation. We're an impact-driven healthcare organization dedicated to “Advancing Health Outcomes For All.” As a global healthcare company, we touch virtually every aspect of health. Our leaders empower our people to lead with a growth mindset an
Centene Corporation
Centene Corporation is a leading healthcare enterprise committed to helping people live healthier lives. Centene offers affordable and high-quality products to more than 1 in 15 individuals across the nation, including Medicaid and Medicare members (including Medicare Prescription Drug Plans) as wel
UnitedHealthcare
When it comes to your health, everything matters. That’s why UnitedHealthcare is helping people live healthier lives and making the health system work better for everyone. Our health plans are there for you in moments big and small, delivering a simple experience, affordable coverage, and supportive
Siemens Healthineers
Siemens Healthineers is a leading medtech company with over 125 years of experience. We pioneer breakthroughs in healthcare. For everyone. Everywhere. Sustainably. Our portfolio, spanning in vitro and in vivo diagnostics to image-guided therapy and cancer care, is crucial for clinical decision-makin
Helse Sør-Øst RHF
South Eastern Norway Regional health Authority is a merger between the former Eastern and South regional Health Authority. Responsible for secondary healthcare services for the south-eastern parts of Norway 2.5 million people (approx 52% of population) cost containment budget 58 billion Nkr. 100%
University of Maryland Medical System
The University of Maryland Medical System (UMMS) was created in 1984 when the state-owned University Hospital became a private, nonprofit organization. It has evolved into a multi-hospital system with academic, community and specialty service missions reaching every part of the state and beyond. UM
UCHealth
At UCHealth, we do things differently. We strive to promote individual and community health and leave no question unanswered along the way. We’re driven to improve and optimize health care. Our network of nationally-recognized hospitals, clinic locations and health care providers extends throughout
R1 RCM
R1 is the leader in healthcare revenue management, helping providers achieve new levels of performance through smart orchestration. A pioneer in the industry, R1 created the first Healthcare Revenue Operating System: a modular, intelligent platform that integrates automation, AI, and human expertise
Encompass Health
Encompass Health is the largest owner and operator of rehabilitation hospitals in the United States. With a national footprint that includes 158 hospitals in 37 states and Puerto Rico, the Company provides high-quality, compassionate rehabilitative care for patients recovering from a major injury or
.png)
Labcorp CyberSecurity News
September 05, 2025 07:00 AM
These 8 NC companies are among the best in the US for tech workers, Forbes says
The employers span industries including banking, retail, utilities, engineering and health care.
July 08, 2025 07:00 AM
Privia Health appoints former Labcorp CTO to board of directors
Privia Health Group, Inc. (NASDAQ:PRVA) announced Tuesday the appointment of Lance V. Berberian to its Board of Directors, effective July 15, 2025.
July 08, 2025 07:00 AM
Privia Health Appoints Lance V. Berberian To Board
Privia Health Group, Inc. (Nasdaq: PRVA) announced the appointment of Lance V. Berberian to its Board of Directors, effective July 15, 2025.
March 19, 2025 07:00 AM
The Biggest Healthcare Data Breaches of 2024
In 2024, there were 14 data breaches involving more than 1 million healthcare records, including the biggest healthcare data breach of all time.
September 30, 2024 07:00 AM
Labcorp Will Face Claims It Sent Patient Data to Google, Meta
Labcorp embedded tracker code on its website to collect patients' sensitive and health-related information and share it with third parties including Meta and...
July 19, 2024 07:00 AM
Doctors revert to pen and paper after CrowdStrike's outage hits hospitals: ‘Every single computer was down’
CrowdStrike's security software was meant to prevent the kind of system problems many hospitals and clinics are grappling with today.
March 26, 2024 07:00 AM
Cybersecurity firm outgrows Greensboro office, moves into former LabCorp site east of city
CEO LaTonja Fant, center, poses with staff of SSCI, a cybersecurity company, at its new headquarters at 5450 Millstream Road. With her, from...
November 30, 2023 08:04 AM
LabCorp Investigating Possible Attack & Data Breach
LabCorp, a medical and diagnostic firm that serves about 115 million patients every year, is investigating a possible cyber attack against its network and...
November 24, 2023 08:00 AM
Hackers Leak Thousands of Idaho National Lab Employees’ PII Data
According to local media, the lab has acknowledged a cyber attack resulting from a cybersecurity incident at a federally approved external...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Labcorp CyberSecurity History Information
Official Website of Labcorp
The official website of Labcorp is http://www.labcorp.com.
Labcorp’s AI-Generated Cybersecurity Score
According to Rankiteo, Labcorp’s AI-generated cybersecurity score is 776, reflecting their Fair security posture.
How many security badges does Labcorp’ have ?
According to Rankiteo, Labcorp currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Labcorp have SOC 2 Type 1 certification ?
According to Rankiteo, Labcorp is not certified under SOC 2 Type 1.
Does Labcorp have SOC 2 Type 2 certification ?
According to Rankiteo, Labcorp does not hold a SOC 2 Type 2 certification.
Does Labcorp comply with GDPR ?
According to Rankiteo, Labcorp is not listed as GDPR compliant.
Does Labcorp have PCI DSS certification ?
According to Rankiteo, Labcorp does not currently maintain PCI DSS compliance.
Does Labcorp comply with HIPAA ?
According to Rankiteo, Labcorp is not compliant with HIPAA regulations.
Does Labcorp have ISO 27001 certification ?
According to Rankiteo,Labcorp is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Labcorp
Labcorp operates primarily in the Hospitals and Health Care industry.
Number of Employees at Labcorp
Labcorp employs approximately 40,562 people worldwide.
Subsidiaries Owned by Labcorp
Labcorp presently has no subsidiaries across any sectors.
Labcorp’s LinkedIn Followers
Labcorp’s official LinkedIn profile has approximately 745,320 followers.
NAICS Classification of Labcorp
Labcorp is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
Labcorp’s Presence on Crunchbase
No, Labcorp does not have a profile on Crunchbase.
Labcorp’s Presence on LinkedIn
Yes, Labcorp maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/labcorp.
Cybersecurity Incidents Involving Labcorp
As of December 19, 2025, Rankiteo reports that Labcorp has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
Labcorp has an estimated 31,349 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Labcorp ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware and Breach.
How does Labcorp detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with severing various links and connections..
Incident Details
Can you provide details on each incident ?
Title: LabCorp Ransomware Attack
Description: LabCorp, one of the largest clinical labs in the U.S., experienced a Samsam ransomware attack that encrypted thousands of systems and several hundred production servers.
Type: Ransomware
Title: Data Breach at Laboratory Medicine Consultants, Ltd.
Description: The California Office of the Attorney General reported that Laboratory Medicine Consultants, Ltd. experienced a data breach involving its vendor, Retrieval Masters Creditors Bureau d/b/a American Medical Collection Agency (AMCA). The breach, discovered on May 15, 2019, potentially exposed patient names, addresses, phone numbers, dates of birth, service dates, balance information, and treatment provider information. The breach occurred on May 15, 2019, with prior incidents dated August 1, 2018, and March 30, 2019.
Date Detected: 2019-05-15
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware LAB2291122
Systems Affected: 7,000 systems1,900 servers350 production servers
Incident : Data Breach LAB156072625
Data Compromised: Patient names, Addresses, Phone numbers, Dates of birth, Service dates, Balance information, Treatment provider information
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Patient Names, Addresses, Phone Numbers, Dates Of Birth, Service Dates, Balance Information, Treatment Provider Information and .
Which entities were affected by each incident ?
Incident : Ransomware LAB2291122
Entity Name: LabCorp
Entity Type: Clinical Lab
Industry: Healthcare
Location: U.S.
Incident : Data Breach LAB156072625
Entity Name: Laboratory Medicine Consultants, Ltd.
Entity Type: Company
Industry: Healthcare
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Ransomware LAB2291122
Incident Response Plan Activated: True
Containment Measures: severing various links and connections
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach LAB156072625
Type of Data Compromised: Patient names, Addresses, Phone numbers, Dates of birth, Service dates, Balance information, Treatment provider information
Personally Identifiable Information: patient namesaddressesphone numbersdates of birth
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by severing various links and connections and .
Ransomware Information
Was ransomware involved in any of the incidents ?
References
Where can I find more information about each incident ?
Incident : Data Breach LAB156072625
Source: California Office of the Attorney General
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney General.
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2019-05-15.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were patient names, addresses, phone numbers, dates of birth, service dates, balance information, treatment provider information and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident were 7,000 systems1,900 servers350 production servers.
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was severing various links and connections.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were balance information, addresses, patient names, service dates, dates of birth, treatment provider information and phone numbers.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to overwrite Git configuration remotely and override some of its behavior. Version 5.15.1 fixes the issue.
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation (CAPEC-130) of memory and a denial of service (DoS) via crafted HTTP request.
Risk Information
cvss3
Base: 4.9
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Description
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Description
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a vulnerability a function handler in the Vega AST evaluator.
Risk Information
cvss3
Base: 6.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=labcorp' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
