Quest Diagnostics Investigating Data Breach
The company reported it is taking steps to prevent similar incidents from happening in the future and is working with a leading cybersecurity firm to assist in investigating and further evaluating its systems.
Madison, N.J.-based Quest Diagnostics Inc. is investigating a data breach, describing it as "an unauthorized third-party intrusion into an internet application on its network" that allowed the outside party to obtain Protected Health Information of about 34,000 people. "The accessed data included name, date of birth, lab results, and in some instances, telephone numbers. The information did not include Social Security numbers, credit card information, insurance or other financial information. There is no indication that individuals' information has been misused in any way," according to the company's Dec. 12 announcement, which said Quest Diagnostics has notified individuals whose accounts have been affected.
The breach took place on Nov. 26, 2016, and the third party accessed the MyQuest by Care360® internet application, the company reported, saying it is taking steps to prevent similar incidents from happening in the future and is working with a leading cybersecurity firm to assist in investigating and further evaluating the company's systems. "The investigation is ongoing and the unauthorized intrusion has been reported to law enforcement," the announcement stated.
The company is a major provider of diagnostic testing for detecting diseases and health information, as well as testing for use of illicit drugs.