Select a theme from the list.
Insights

From our experts

Latest
Microsoft Warns That Overprivileged AI Agents Are Becoming a New Identity RiskDigiCert Intrusion Reveals How Stolen Code-Signing Trust Can Shield MalwareAbbott Investigates Two Cyber Incidents as Extortion Claims Target Diagnostics OperationsSophos Fusion Recasts the Security Platform as an AI-Driven Defense SystemShark Vacuum Cloud Weakness Turns One Device Certificate Into a Regional Master KeyTrusted Meeting Apps Become the Bait in a Multi-Layer Windows Malware CampaignMicrosoft Makes Passkeys the Entra ID Default and Sets a Deadline for Native SMS AuthenticationSonicWall Zero-Days Under Active Attack Demand Immediate SMA1000 PatchingCritical Chrome and Firefox Updates Put Browser Restarts Back on the Security AgendaAsyncAPI Package Breach Turns Trusted Build Pipelines Into a Malware Delivery SystemMicrosoft Expands AI-Led Security Hardening and Sets 2029 Quantum-Safe GoalGlobal CMS Exploitation Wave Plants Webshells on Business WebsitesMicrosoft Warns That Overprivileged AI Agents Are Becoming a New Identity RiskDigiCert Intrusion Reveals How Stolen Code-Signing Trust Can Shield MalwareAbbott Investigates Two Cyber Incidents as Extortion Claims Target Diagnostics OperationsSophos Fusion Recasts the Security Platform as an AI-Driven Defense SystemShark Vacuum Cloud Weakness Turns One Device Certificate Into a Regional Master KeyTrusted Meeting Apps Become the Bait in a Multi-Layer Windows Malware CampaignMicrosoft Makes Passkeys the Entra ID Default and Sets a Deadline for Native SMS AuthenticationSonicWall Zero-Days Under Active Attack Demand Immediate SMA1000 PatchingCritical Chrome and Firefox Updates Put Browser Restarts Back on the Security AgendaAsyncAPI Package Breach Turns Trusted Build Pipelines Into a Malware Delivery SystemMicrosoft Expands AI-Led Security Hardening and Sets 2029 Quantum-Safe GoalGlobal CMS Exploitation Wave Plants Webshells on Business Websites
Security Insight

Abbott Investigates Two Cyber Incidents as Extortion Claims Target Diagnostics Operations

Abbott Investigates Two Cyber Incidents as Extortion Claims Target Diagnostics Operations
Photo by Solen Feyissa on Pexels

Abbott Laboratories is investigating separate security incidents involving legacy Exact Sciences systems and its externally hosted LabCentral portal. One extortion group claims it accessed an Entra ID account through voice phishing and stole large volumes of sensitive information, although those claims remain unverified and Abbott says business and patient services are unaffected.

Abbott Laboratories is responding to two distinct cybersecurity investigations affecting parts of its diagnostics business. The more serious incident involves unauthorized access to a limited number of legacy Exact Sciences systems within Abbott's Cancer Diagnostics division. Abbott says the affected environment is separated from its broader infrastructure and that manufacturing, laboratory operations, product availability, and patient services continue normally.

Extortion Claims Follow an Alleged Identity Attack

The ShinyHunters extortion group claims it gained entry through a voice-phishing operation that targeted employees in mid-June. According to the attackers, the social engineering campaign resulted in the compromise of a Microsoft Entra single sign-on account, creating a pathway into connected business applications.

The group has made extensive claims about information allegedly taken from platforms including SharePoint, ServiceNow, Databricks, and Coupa. It also claims the stolen material includes personal information and medical records. BleepingComputer emphasized that these claims have not been independently verified, making it important to distinguish confirmed unauthorized access from attacker-controlled statements intended to increase pressure.

A Separate Portal Investigation

Another actor claims to have accessed Abbott's third-party-hosted LabCentral portal using compromised customer credentials and extracted product documentation through application programming interfaces. Abbott disputes the characterization of that material, saying the portal contains publicly available manuals, troubleshooting documents, and product specifications rather than proprietary or customer information.

What Security Teams Should Learn

  • Require phishing-resistant authentication for employees with access to cloud applications.
  • Apply conditional access policies that evaluate device health, location, and session risk.
  • Monitor unusual API enumeration and high-volume downloads from customer portals.
  • Separate acquired or legacy environments from current identity and data platforms.
  • Establish rapid procedures for revoking sessions, tokens, and connected application access.

In my view, this case shows why identity compromise must be treated as an enterprise-wide event rather than an isolated account problem. A single cloud identity can connect attackers to numerous SaaS services without requiring traditional lateral movement. Organizations should also avoid allowing extortion claims to dictate their public narrative. Technical validation, clear scoping, and transparent communication are essential when attackers mix genuine evidence with exaggerated allegations.

Talk to our team →

Latest

Microsoft Warns That Overprivileged AI Agents Are Becoming a New Identity RiskJul 18, 2026DigiCert Intrusion Reveals How Stolen Code-Signing Trust Can Shield MalwareJul 18, 2026Abbott Investigates Two Cyber Incidents as Extortion Claims Target Diagnostics OperationsJul 18, 2026Sophos Fusion Recasts the Security Platform as an AI-Driven Defense SystemJul 16, 2026Shark Vacuum Cloud Weakness Turns One Device Certificate Into a Regional Master KeyJul 16, 2026Trusted Meeting Apps Become the Bait in a Multi-Layer Windows Malware CampaignJul 16, 2026

Most read

1Global CMS Exploitation Wave Plants Webshells on Business Websites2Microsoft Prepares Windows Customers for a Faster Era of AI-Driven Patching3Sophos Fusion Recasts the Security Platform as an AI-Driven Defense System4Exposed Attack Server Unmasks Three Microsoft 365 Phishing Operations5Laser Attack Exposes an Unpatchable Weakness in Tangem Crypto Wallet Cards6Microsoft Expands AI-Led Security Hardening and Sets 2029 Quantum-Safe Goal