Medical Laboratory Quest Diagnostics Hacked
Vulnerability found on several Netgear routers
December 12, 2016
Yahoo data breached, again – 1 billion accounts
December 14, 2016
Quest Diagnostics announced on Monday that a successful hack has exposed the health records of 34,000 people.
The hacker on Nov. 26 exploited a vulnerability to break into the "MyQuest by Care360" Internet application on Quest's network. Once inside, the "unauthorized third-party" was able to access patients' names, birth dates, lab results, and telephone numbers, the company said.
On the plus side, the breached information did not include Social Security numbers, credit card information, insurance data, or any other financial information. At this time, "there is no indication that individuals' information has been misused in any way," the company said.
Quest said it has already notified affected customers via mail, so be on the lookout for a letter if you've had any lab work done recently. The company said it "immediately addressed the vulnerability" after discovering the intrusion.
"Quest is taking steps to prevent similar incidents from happening in the future, and is working with a leading cybersecurity firm to assist in investigating and further evaluating the company's systems," according to the announcement. "The investigation is ongoing and the unauthorized intrusion has been reported to law enforcement."
Quest has set up a toll-free number for people to call with questions about the incident. The number is (888) 320-9970, and can be reached Monday through Friday between 9 a.m. and 7 p.m. ET.
Extracted from pcmag.com (http://www.pcmag.com/news/350280/medical-laboratory-quest-diagnostics-hacked)
The hacker on Nov. 26 exploited a vulnerability to break into the "MyQuest by Care360" Internet application on Quest's network. Once inside, the "unauthorized third-party" was able to access patients' names, birth dates, lab results, and telephone numbers, the company said.
On the plus side, the breached information did not include Social Security numbers, credit card information, insurance data, or any other financial information. At this time, "there is no indication that individuals' information has been misused in any way," the company said.
Quest said it has already notified affected customers via mail, so be on the lookout for a letter if you've had any lab work done recently. The company said it "immediately addressed the vulnerability" after discovering the intrusion.
"Quest is taking steps to prevent similar incidents from happening in the future, and is working with a leading cybersecurity firm to assist in investigating and further evaluating the company's systems," according to the announcement. "The investigation is ongoing and the unauthorized intrusion has been reported to law enforcement."
Quest has set up a toll-free number for people to call with questions about the incident. The number is (888) 320-9970, and can be reached Monday through Friday between 9 a.m. and 7 p.m. ET.
Extracted from pcmag.com (http://www.pcmag.com/news/350280/medical-laboratory-quest-diagnostics-hacked)
