Quest Diagnostics Data Breach Affects 11.9M Patients

Maricruz Casares
Junio 8, 2019

According to company estimates, approximately 422,600 BioReference patients had their information stored on the servers of American Medical Collection Agency, which was hacked beginning August 1, 2018. As it turns out, over 400,000 consumers of medical diagnostics company OPKO Health were also impacted, bringing the total number of victims to 20.1 million.

The data breach is estimated to have affected about 11.9 million customers of Quest Diagnostics and about 7.7 million of LabCorp.

Earlier this week, rivals Quest Diagnostics Inc and Laboratory Corporation of America Holdings also announced that they were apprised of unauthorized access to their customer data stored on AMCA system.

AMCA stored Opko Health customers' credit card and bank account information, email addresses, phone numbers and balance information.

"Given the deluge in recent years of data breaches exposing personal, medical and financial information, every American should assume the security of that information has been compromised", said Rob Douglas, national identity theft and fraud expert. The lab clinic also said that it has not been able to verify the accuracy of information provided by AMCA.

More news: U.S. records 1000th case of measles, officials blame misinformation for outbreak

In response to the breach, LabCorp ceased sending new collection requests to AMCA and stopped AMCA from continuing to work on any pending collection requests involving LabCorp consumers.

This is not Quest's first brush with data security issues. He noted that contractors like AMCA were frequent targets for cyber attacks.

AMCA is investigating the incident, has notified law enforcement and is providing 24 months of free credit monitoring to affected patients, the collection agency said when reached for comment.

Mr. Booker and Mr. Menendez sent a similar letter Wednesday to Stephen Rusckowski, Quest's chairman and president, as did Sen. "As recently as June 2018 your company faced a lawsuit charging LabCorp with a HIPAA violation for failing to provide adequate privacy protections at its Providence Hospital computer intake station", the Senators wrote.

The Senators demanded that LabCorp also provided a detailed timeline of the breach incident and outline what the company has done, in light of its past security challenges, to address information security problems.

Otros informes por

Discuta este artículo