COVID testing appointment scheduling service discovers data breach
Jan. 13, 2022 /PRNewswire/ — On or around November 30, 2021, Practolytics LLC (“Practolytics”) learned that it experienced a data security incident. A client-generated report containing COVID testing appointment information, which would normally be deactivated following initial download, remained active. Upon discovery, Practolytics took immediate steps to deactivate and delete the download link to prevent further access or dissemination. Since discovery of the incident, Practolytics engaged cybersecurity experts to conduct an investigation to determine the source and scope of the incident and ensure a similar incident will not occur in the future.
As part of the investigation, Practolytics confirmed that minor and adult information was accessible in the report, which may have included name, age, gender, address, date of birth, Social Security number, email address, appointment date and type, provider name, and insurance information. On January 13, 2022, 1,107 individuals were notified by USPS first-class mail of the incident and provided with information on how to protect their personal information. A call center has been set up with IDX to answer any questions that individuals may have about the incident and can be reached at 1-800-939-4170 between the hours of 9:00 A.M. to 9:00 P.M. Eastern Time from Monday to Friday.
The security of information is our top priority at Practolytics, and we are committed to safeguarding data and privacy. We deeply regret any worry or inconvenience that this matter may cause.