813-999-0631 info@tetratos.com
Health Quest privacy breach potentially exposes patient information

A phishing scam targeting Health Quest employees potentially resulted in the leak of patient information, according to a notice from the health care provider.

John Nelson, director of public and community affairs with Health Quest, could not provide an exact number of impacted individuals, as the investigation is ongoing. The priority, he said, was to provide security to those affected.

“We want to make sure that everyone is aware of the situation and make sure that everyone is protected,” he said.

The incident occurred in July 2018, during which multiple employees were tricked into sharing their email account usernames and passwords. Shortly after the scam took place, Health Quest hired a cybersecurity firm to aid with an investigation.

The impacted email accounts were secured after learning of the attack.

On Jan. 25, the investigation found email attachments containing health information, and on April 2, Health Quest confirmed these attachments included patient information, including patient names, provider names, dates of treatment, treatment and diagnosis information and health insurance claims information.

All information related to services performed at Health Quest Affiliated from January 2018 to June 2018.

The investigation has found no evidence that this information was accessed or viewed.

Health Quest began alerting potentially impacting individuals Friday, and those affected should expect to receive a letter by June 10.

Those concerned they may be impacted can contact a call center dedicated to the breach at 1-800-277-0105. The center is open 9 a.m. to 6:30 p.m. Monday through Friday.

Nelson attributed the delay between when the extent of the scam was discovered and when Health Quest started alerting individuals to the cybersecurity firm’s investigation.

In response to the incident, Health Quest is enacting stricter security measures, including multi-factor authentication multi-factor authentication, and providing cybersecurity training for employees.

Related Articles

Stay Up to Date With The Latest News & Updates

Join Our Newsletter

Get weekly tech updates and immediate alerts when there is a zero-day or security issue!

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!

Pin It on Pinterest

Share This