Quest Diagnostics Reports Data Security Incident

Hackers grab protected health information

Quest Diagnostics, Incorporated, based in Madison, New Jersey, has announced that it is investigating an unauthorized third-party intrusion into an Internet application on its network. The company provided notice to individuals whose accounts have been affected.

On November 26, 2016, an unauthorized third party accessed the MyQuest by Care360 Internet application and obtained protected health information for approximately 34,000 individuals.

The accessed data included name, date of birth, laboratory results, and in some instances, telephone numbers. The information did not include Social Security numbers, credit card information, or insurance or other financial information. There is no indication that individuals’ information has been misused in any way, the company said.

Quest is working with a leading cybersecurity firm to assist in investigating the incident and in further evaluating the company’s systems. The investigation is ongoing, and the unauthorized intrusion has been reported to law enforcement.

Source: Quest Diagnostics; December 12, 2016.