Share this article on:
Following a November 2016 cyberattack at Quest Diagnostics that resulted in an unauthorized individual accessing and stealing the personal information and medical test results of 34,000 individuals, a class action lawsuit was filed by the breach victims. Quest Diagnostics proposed a $195,000 settlement to resolve the case. The settlement has recently been approved by a New Jersey district court judge.
The types of information obtained by the hacker included names, phone numbers, dates of birth, and the results of medical tests, including HIV test results.
The lawsuit alleged Quest Diagnostics had violated New Jersey laws and had been negligent for failing to safeguard the sensitive health information of its clients, Quest Diagnostics had breached its contract with clients, and that the company failed to provide timely notifications to patients informing them about the hacking incident and theft of their data.
Quest Diagnostics maintains the claims are meritless, but the decision was taken to settle the lawsuit to avoid ongoing litigation and further legal costs. Under the terms of the settlement, all individuals who can demonstrate they have suffered monetary losses as a direct result of the breach will be entitled to claim $250. The payment is intended to compensate individuals for having to take action to secure their accounts and pay for credit monitoring and identity theft protection services.
Any individual whose HIV test results were included in the stolen data will be entitled to claim $75, in addition in the $250 if they have also suffered monetary losses.
Quest Diagnostics has also been named as a co-defendant in several lawsuits filed by victims of the data breach at American Medical Collection Agency (AMCA) earlier this year. The hacking of the AMCA payment portal enabled the attacker to steal the protected health information of more than 26 million individuals, 11,500,000 of whom had received medical tests at Quest Diagnostics and their PHI had been passed to AMCA for collection.