Quest Diagnostics breach exposes sensitive data of nearly 12 million customers
On June 4, 2019, the New Jersey-based medical testing firm Quest Diagnostics announced that its customers’ financial and personal information was compromised in a data breach. Consumer details such as Social Security numbers, bank account information, credit card details, and medical information were released.
The incident
Between August 22, 2018 and March 30, 2019, the American Medical Collection Agency’s (AMCA) payment page was breached. Since AMCA was the third-party collection provider for Quest Diagnostics, Quest Diagnostic's patients’ data was also impacted. Fortunately, laboratory test results were not compromised. As soon as the breach was detected, AMCA reviewed its security systems with the help of a cybersecurity firm and took down its web payments page. The company notified the U.S. Securities and Exchange Commission and hired an IT security team to investigate the breach.
Cyberthreats are everywhere and it's important to be prepared. If you want to avoid cybersecurity disasters and avoid negative news headlines, investing in a comprehensive SIEM solution like Log360 is key. Download a 30-day, free trial to start combating internal and external security attacks.
How ManageEngine can help:
Log360, our comprehensive SIEM solution, can help your organization by:
- Alerting security teams in real time about events that require their immediate attention, such as network attacks, unauthorized file or folder access attempts, security group membership changes, and account lockouts.
- Detecting unauthorized network access attempts with its built-in Structured Threat Information eXpression (STIX/TAXII) feeds processor. Log360 accesses a global IP threat database that can instantly detect known malicious traffic passing through the network, and outbound connections to malicious domains and callback servers. Its global IP threat database contains more than 600 million blacklisted IP addresses collected from trusted open-source threat feeds and updated daily.
- Uncovering potential insider threats with its user and entity behavior analytics engine that creates a baseline of normal activities specific to each user, and notifies security personnel instantly when there's a deviation from this norm. Rather than using static threshold values, Log360 employs a combination of data analytics and machine learning to define dynamic thresholds based on real-world user behavior.
- Obtaining important forensic information about incidents. Collected logs can be securely archived to help prove adherence to compliance standards and reduce potential legal penalties during investigations.
- Automatically raising incidents as tickets to specific technicians in ServiceDesk Plus, JIRA, Zendesk, Kayako, or ServiceNow to create an incident resolution process that's swift and accountable.
Download a free trial of Log360 to see the tool in action for yourself.
Latest Ransomware attacks
Latest Data breach attacks
Latest Email Phishing attacks
Latest DoS and DDoS attacks
Latest Brute force attack
Latest Advanced persistent threat (APT)