NEW YORK (GenomeWeb) – Quest Diagnostics announced today an unauthorized third-party intrusion into the MyQuest by Care360 internet app and a breach of personal health information (PHI) of its users.
On Nov. 26, the unauthorized third party accessed the app and obtained PHI of approximately 34,000 individuals, the firm said in a statement. Data included name, date of birth, lab results, and, in some cases, telephone numbers. The information did not include Social Security numbers, credit card information, insurance, or other financial information.
Quest said it immediately addressed the vulnerability, reported it to law enforcement, and is taking steps to prevent similar incidents in the future. It has also launched an investigation into the incident, working with a leading cybersecurity firm to further evaluate its systems.