Practolytics LLC (“Practolytics”) provided a media statement related to a data security incident it learned of in November 2021. This subsequent statement provides additional information related to the incident.
Around November 30, 2021, Practolytics discovered that a report generated by a client containing information related to COVID testing conducted by Priority MedExpress, which would normally be deactivated following initial download, remained active. Upon discovery, Practolytics took immediate steps to deactivate and delete the download link to prevent further access or dissemination. Since the discovery of the incident, Practolytics engaged cybersecurity experts to conduct an investigation to determine the source and scope of the incident and ensure a similar incident will not occur in the future.
As part of the investigation, Practolytics confirmed that minor and adult information was accessible in the report, which may have included name, age, gender, address, date of birth, Social Security number, email address, appointment date and type, provider name, and insurance information. Between January 13 and January 18, 2022, 1,125 individuals were notified by USPS first-class mail of the incident and provided with information on how to protect their personal information. A call center has been set up with IDX to answer any questions that individuals may have about the incident and can be reached at 1-800-939-4170 between the hours of 9:00 A.M. to 9:00 P.M. Eastern Time from Monday to Friday.
The security of information is our top priority at Practolytics, and we are committed to safeguarding data and privacy. We deeply regret any worry or inconvenience that this matter may cause.