Cyberattack on Quest Diagnostics breaches 34,000 patient records

Hackers gained access through the company’s MyQuest by Care360 app on Nov. 26.
By Jessica Davis
10:48 AM
Share

Quest Diagnostics operates forensic toxicology laboratories across the United States that perform workplace drug testing. A laboratory technician prepares a urine specimen for testing at a Quest lab in Lenexa, Kansas. Quest Diagnostics photo.

Quest Diagnostics, a New Jersey-based clinical laboratory services company, announced Monday its internet application was breached by an unauthorized third-party.

The company has notified the 34,000 patients affected by the cyberattack via mail and established a dedicated line for its patients to call with any concerns.

Hackers breached the company’s MyQuest by Care360 app on November 26 and accessed patient protected health information. Officials said Social Security numbers, credit card information, insurance cards and financial information wasn’t included in the stolen data.

However, the cybercriminals were able to access names, dates of birth, lab results and some telephone numbers. Officials asserted they have no evidence this information has been misused.

Quest is working with a cybersecurity firm to investigate the breach and evaluate the security of its systems.

“Quest is taking steps to prevent similar incidents from happening in the future,” officials said in a statement. “The investigation is ongoing and the unauthorized intrusion has been reported to law enforcement.”

Quest joins the growing list of high-profile companies breached this year. Newkirk Products, a provider of health insurance ID cards, had a data breach that affected more than 3.3 million members of its insurance plans.