SYNLAB, a leader in diagnostic and laboratory testing services in Italy, experienced a significant cyberattack on its computer and telephone systems on the morning of April 18. In response, the company promptly established a task force comprised of both internal and external experts aimed at mitigating the impacts and restoring system functionality as quickly as possible. This swift action followed SYNLAB’s established IT security procedures which involved the immediate deactivation of all company IT systems across Italy to prevent further damage.
Upon discovering the attack, SYNLAB took additional steps to ensure the safety of biological samples that had been collected, adhering to existing regulations. The company then began a cautious process to reactivate certain services, including outpatient specialist visits and physiotherapy, ensuring that each step was safely handled to avoid any additional risks or disruptions. This gradual reactivation was communicated through regional updates provided by the company to keep the public and patients informed.
In the aftermath of the attack, SYNLAB not only worked on restoring its services but also took legal and regulatory steps. The company filed a complaint with the Postal Police and initiated a preliminary notification procedure with the Guarantor Authority for the Protection of Personal Data, demonstrating its commitment to transparency and compliance with data protection laws. Furthermore, SYNLAB issued a public apology to its patients for the inconvenience caused and set up dedicated telephone and social media channels to handle requests and disseminate information effectively.
Throughout the incident, SYNLAB has been actively updating patients, customers, and the public on the progress of their recovery efforts through their website and social media channels. This ongoing communication is part of the company’s strategy to maintain trust and provide reassurance that they are handling the situation with the utmost seriousness and attention to detail. The incident underscores the challenges that modern healthcare providers face in protecting their IT infrastructure and the importance of having robust security measures and response plans in place.
