The recent news of possible Russian hackers’ interference during the US Presidential Election is overshadowing an actual hack on one of Quest Diagnostics’ internet application. The breached network affected around 34,000 personal health data. The lab company announced that it is currently investigating the said unauthorized third-party intrusion.
According to Quest Diagnostics’ press release, they discovered that their MyQuest by Care360 was illegally accessed on Nov. 26. Furthermore, the Protected Health Information of estimated 34,000 people has been obtained. Among the data that were breached are the name, date of birth, lab results and in some cases, telephone numbers.
The company cleared out that information regarding a person’s Social Security numbers, credit card information, insurance and other financial information are secured. It seems that the cybercriminals behind the hack have not yet used the data they were able to access.
The company ensured that their system’s vulnerability has already been patched. They are also working with a leading cyber security firm to help them build a more secure network. Apparently, Quest Diagnostics has reported the incident to law enforcement. In addition, affected individuals have been notified of the hack and are requested to contact them at (888) 320-9970 for more questions regarding the incident. The number can be reached from Monday through Friday, between 9 am and 7 pm ET.
A spokesperson for Quest Kim Gorode told Fortune in an email, “We deeply regret this incident and any inconvenience or concern it may have caused.” Gorode also spoke with Trib LIVE and added, “As far as we’re aware, the breach is contained and we’re working with a cyber security firm to assess the situation and prevent further attacks.”
The MyQuest desktop and mobile application are used to access lab results, medical information, medications and lab history, as well as to schedule an appointment and share health information.
Two days before the said hack, the US Navy had announced that the account of more than 130,000 sailors was breached. They were notified by the Hewlett Packard Enterprise Services (HPES) back on Oct. 27. Unfortunately for the Navy sailors, the culprits had access to sensitive information that includes their Social Security Numbers.
HPES admitted that one of their laptops operated by their employee was reported as compromised. A Navy official told the Navy Times that the data were accessed from the Career Waypoints database called C-Way. It happened when sailors submitted their re-enlistment and Navy Occupational Specialty requests.