Quest Diagnostics Inc., a lab services company, is investigating an online data breach that exposed the test results and other personal information of 34,000 patients nationwide.
The New Jersey-based company announced Monday that an "unauthorized third party" hacked into the MyQuest patient portal Nov. 26, accessing protected health information including name, date of birth, lab results and in some cases, phone numbers. It said the breach did not include Social Security numbers or credit card, insurance or other financial information.
The breach affected 10,662 patients in California, company spokeswoman Kim Gorode said Tuesday.
Quest said that it has provided notice to patients whose accounts were affected and that there is "no indication" that the information has been misused.
"Due to the nature and the limited amount of information that was accessed, we believe the risk of harm to patients is low," said Denny Moynihan, a Quest spokesman.
The company said it is taking steps to prevent similar incidents and is working with a cybersecurity firm to assist in the investigation. The data breach was reported to law enforcement officials.
"We're taking it seriously," Moynihan said.
Quest provides lab services at about 2,200 patient centers across the U.S., including about 400 locations in California. It says its services, which range from routine blood tests to genetic testing, are used by about 30% of American adults annually.
The publicly traded company had nearly $7.5 billion in revenue last year.
Patients with questions about the data breach can call Quest at (888) 320-9970.
Channick writes for the Chicago Tribune. Times staff writer Jim Puzzanghera contributed to this report.