
Decatur Diagnostic Laboratory Inc., a privately owned clinical laboratory in Decatur, Alabama, disclosed a data breach that has affected at least approximately 500 individuals in the United States.
The breach was reported to the U.S. Department of Health and Human Services on June 16, 2026. The company also posted a notice of the data privacy event on its website.
On April 14, 2026, the ransomware group known as LockBit 5.0 publicly claimed responsibility for a cyberattack on Decatur Diagnostic Laboratory. The attack resulted in unauthorized removal of data from the laboratory's computer systems.
The types of personally identifiable information and protected health information found in the stolen data included names, dates of birth, driver's license numbers, Social Security numbers, patient codes and medical record numbers. The specific types of exposed data varied from person to person.
The company encourages affected individuals to remain vigilant against incidents of identity theft and fraud by reviewing account statements, explanation of benefits and credit reports for suspicious activity. The company recommends that individuals continue this monitoring over the next 12 to 24 months.
The company's notification did not include an offer of free credit monitoring or identity theft protection services, but it did provide guidance on steps individuals can take on their own to protect their personal information.
Individuals with questions can contact Decatur Diagnostic Laboratory by phone at 256-355-9045 or by mail at 2828 US-31, Decatur, AL 35603.








.webp)
.webp)
.webp)

.webp)
.webp)
.webp)
.webp)