Quest Diagnostics, a company that provides clinical trial and diagnostic medical testing as well as electronic health record management services, has reported a data breach. On December 12, 2016 the company announced that the hack, which affected around 34,000 people, had occurred. The video below reports on the event.
The company stated that the hack occurred on November 26, 2016 and that the accessed data included names, birth dates, medical records and in some cases, telephone numbers. However, they have said that other sensitive data like Social Security numbers, insurance or credit card information or any kind of financial information was not exposed in the intrusion. The attack was on an internet application for electronic health records that Quest Diagnostics maintains called MyQuest by Care360®.
The company has only stated that an “unauthorized third party” was responsible, and have not revealed many more details about the incident. They sought to reassure customers, by way of their press release, that they had taken steps to correct vulnerabilities in the application, and they have contacted law enforcement and enlisted the help of a cybersecurity firm to assess the systems of the company.
Those impacted were contacted by Quest by mail, and a toll-free number was created to handle inquiries about the incident, (888) 320-9970.
Source: Quest Diagnostics