Cybersecurity expert Gavin Dennis reported on X (formerly Twitter) that approximately 400,000 files from BioMedical (Caledonia Medical Laboratory) were allegedly stolen and shared on the dark web.
This massive data breach has exposed the sensitive medical information of over 70,000 Jamaicans, with potentially hundreds of thousands more at risk.
The leaked data includes highly personal information, such as cancer screening results (cytology) and extensive personal details, now circulating on the dark web.
The hackers claiming responsibility for the attack allege they compromised BioMedical’s systems in December 2024, but only released the stolen files in January 2025.
BioMedical, one of Jamaica’s oldest and largest medical diagnostic providers with approximately 46 islandwide collection centers, has not yet publicly acknowledged the breach or confirmed whether they have notified affected individuals, as required by Jamaica’s Data Protection Act. This lack of communication has drawn criticism and heightened concerns.
The hackers claim to have compromised BioMedical’s Windows Domain Controller, suggesting a potential vulnerability in the lab’s network security.
The leaked files are reportedly being downloaded by an unknown number of individuals, potentially exposing the private medical records of thousands, if not millions, of Jamaicans.
Images shared online, allegedly screenshots of the leaked data, are publicly available on the dark web, underscoring the severity of the breach.
Authorities are likely investigating the matter, but no official statement has been released. This incident highlights the growing threat of cyberattacks targeting sensitive medical data and the urgent need for stronger data protection measures.
Update: Biomedical Caledonia Medical Lab Response
Further details have emerged regarding the November 2024 cybersecurity incident at Biomedical Caledonia Medical Laboratory Limited. While the lab’s initial statement confirmed unauthorized access and ongoing investigation, recent reports indicate the breach may have compromised a significantly larger amount of data than initially anticipated.
Sources now claim that approximately 400,000 files were stolen in the attack. This new information raises serious concerns about the scope of the data breach and the potential impact on patients.
Statement Regarding Cybersecurity Incident at
Biomedical Caledonia Medical Laboratory Limited
KINGSTON, JAMAICA: February 05, 2025 – Biomedical Caledonia Medical Laboratory Limited confirms that there was an unauthorized access incident in November 2024. The investigation, to date, has revealed that the incident resulted from the unauthorized access of our network and systems though an external vendor. We are still investigating the extent of the breach and have been informing our stakeholders including doctors and clients (patients).
At the time the breach was discovered, we immediately took the necessary steps to prevent further unauthorized access, hired a certified cybersecurity and forensic investigator and a team of cybersecurity specialists to address the issue. All the relevant government and law-enforcing stakeholders were also promptly advised.
We want to reassure our community that we understand the concerns this raises and are doing everything possible to protect their data and maintain the trust they have placed in us. We have selected a new managed services provider, implemented enhanced security measures, upgraded our entire IT infrastructure, deployed a Security Information and Event Management (SIEM) system as well as installed Intrusion Detection Systems (IDS) among other actions. These measures have strengthened our security posture. We have also revised the protocols for vendor relationships and bolstered our internal security policies.
We deeply regret this incident. We remain focused on completing our investigation and communicating with stakeholders who may have been impacted. We understand that members of our community may want to reach out directly and we are available via the channels noted below.
Contact Information
For questions or concerns, please contact us:
Phone: 876-618-0911, 876-618-0912
WhatsApp: 876-778-0670
Email: [email protected]
Bitvoxy Digest will continue to follow this developing story and provide updates as they become available. We urge anyone potentially affected by this incident to contact Biomedical Caledonia Medical Laboratory Limited directly using the contact information provided in their official statement.
For further details on this incident, please see reports from the Jamaica Observer (https://www.jamaicaobserver.com/2025/02/05/biomedical-expresses-regret-data-breach-upgrades-cybersecurity/) and the Jamaica Gleaner (https://jamaica-gleaner.com/article/lead-stories/20250206/biomedical-investigating-unauthorized-access-sensitive-client-data and https://jamaica-gleaner.com/article/news/20250205/biomedical-lab-enhances-cybersecurity-following-data-breach ).
Update: We’ve updated this story with information from Biomedical Caledonia Medical Laboratory Limited’s official response.
If you click on a link and make a purchase we may receive a small commission. Learn more. All content on this site is provided with no warranties, express or implied. Use any information at your own risk. Privacy Policy.
Discover more from BITVoxy Digest
Subscribe to get the latest posts sent to your email.
