medQ Confirms Data Breach After Software Encryption Incident

Console and Associates, P.C.

On February 23, 2024, medQ, Inc. filed a notice of data breach with the Attorney General of Maine after discovering that hackers accessed and encrypted a software platform used by medQ. In this notice, medQ explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, driver’s license numbers, dates of birth, health information, diagnoses, lab results, medications, treatment information, and health insurance and claims information. Upon completing its investigation, medQ began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you received a data breach notification from medQ, Inc., it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the medQ data breach. For more information, please see our recent piece on the topic here.

What Caused the medQ Data Breach?

The medQ data breach was only recently announced, and more information is expected in the near future. However, medQ’s filing with the Attorney General of Maine provides some important information on what led up to the breach. According to this source, on December 26, 2023, medQ learned that it was the recent victim of a cybersecurity incident in which an unauthorized party encrypted software used by medQ and hosted by a third-party data center.

In response, medQ disconnected its network and launched an investigation to learn more about the incident, including whether any consumer data was leaked as a result. Ultimately, medQ’s investigation confirmed that files from the medQ platform were accessed by an unauthorized party between December 20, 2023 and December 26, 2023. It was later determined that some of these files contained confidential consumer information.

After learning that sensitive consumer data was accessible to an unauthorized party, medQ reviewed the compromised files to determine what information was leaked and which consumers were impacted. The company completed this review on February 16, 2024. While the breached information varies depending on the individual, it may include your name, Social Security number, driver’s license number, date of birth, health information, diagnoses, lab results, medication, treatment information, and health insurance and claims information.

On February 23, 2024, medQ sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.

More Information About medQ, Inc.

Founded in 1996, medQ, Inc. is a healthcare software company based out of Plano, Texas. medQ’s platform, called Q/ris 3000, enables healthcare providers to automate many processes, including ordering, scheduling, and report creation. Q/ris 3000 also has a variety of add-on modules that can be used to customize the platform further. medQ employs more than 25 people and generates approximately $5 million in annual revenue.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide