Diatherix Laboratories discovered data stored on a third party server was not secure. The information, including each patient's name, address, medical history and social security number was visible to outside parties for more than three years.
Despite the data remaining unsecured for almost three years, the company's investigation revealed that only recently--in March 2014--did someone outside of the company access it.
