A Huge Medical Data Breach Just Happened and You May Be Affected

12:09 06/07/2019

Two major laboratories announced data breaches this week in filings with the SEC.

Quest Diagnostics DGX  first revealed that around 11.9 million patients had their data stolen which was followed by an announcement from LabCorp LH  who said it was also affected.

LabCorp said it had been affected by the same third-party data breach that affected Quest Diagnostics. The medical giant said 7.7 million patients had their personal and financial data stolen by hackers, which hit the payment pages of the American Medical Collection Agency (AMCA), a third-party vendor that processes payments for LabCorp and other companies.

AMCA spokesperson Jennifer Kain stated through crisis communications firm Brunswick Group, that the company was “investigating” the breach. She said, 'Upon receiving information from a security compliance firm that works with credit card companies of a possible security compromise, we conducted an internal review, and then took down our web payments page.'

LabCorp also said it informed law enforcement of the breach.

In a filing with the Securities and Exchange Commission, LabCorp revealed that the stolen data includes a patient’s name, date of birth, address, phone number, date of service, provider, and balance information.

“AMCA’s affected system also included credit card or bank account information that was provided by the consumer to AMCA,” read the filing.

Quest Diagnostics revealed the data breach in its own filing on Monday with the Securities and Exchange Commission. Quest said that AMCA's payment system was compromised on August 1, 2018 and remained vulnerable through March 30. Exposed information includes patient names, dates of birth, addresses, phone numbers, dates of service, providers and balance information.

The SEC filing also said that in response to the incident Quest Diagnostics has suspended sending collection requests to AMCA, provided notifications to affected health plans and will ensure that notification is provided to regulators and others as required by federal and state law; and been working and will continue to work diligently, along with Optum360, AMCA and outside security experts, to investigate the AMCA data security incident and its potential impact on Quest Diagnostics and its patients.


This article has been provided by a Chasing Markets contributor. All content submitted by this author represent their personal opinions, and should be considered as such for entertainment purpose only. All opinions expressed are those of the writer, and may not necessarily represent fact, opinions, or bias of Chasing Markets.
Most Read