It's not just Quest: LabCorp says it was hacked too

LabCorp said that the third-party invoice collection provider, the American Medical Collection Agency, notified the blood work company that hackers had access to AMCA's online payment system. The unauthorized access took place between August 1, 2018 and March 30, 2019, LabCorp said.

The company said millions of customers had referred to AMCA for billing collections, and 7.7 million customers stored their data in the hacked system.

AMCA's system stored customers' first and last names, credit cards and bank account numbers, birth dates, addresses, phone numbers, dates of use, health care provider information, and the amount that customers had to pay. LabCorp said it did not provide AMCA with information on tests, laboratory results or diagnostic information. AMCA said it did not store social security numbers.

LabCorp ( LH ) said it believes that it is possible to access 200,000 customers' credit cards or bank account information, and it is sending messages to those customers. It said AMCA plans to offer affected customers' identity protection and credit monitoring services for two years.
  Quest Diagnostics says that 1[ads1]2 million patients may have received their personal information exposed

LabCorp said that it will no longer do business with AMCA. The billing collection company said it continues to investigate the breach and has taken down the online payment page.

"We are committed to our system's security, data security and protection of personal information," the company said.

The announcement came one day after Quest Diagnostics ( DGX ) said that the customer's information was also potentially broken in AMCA's hack. Unlike LabCorp, Quest said that the exposed information may have included social security numbers and medical information, but not test results. Quest said it had referred 11.9 million customers to the AMCA.

Quest also said it has stopped using AMCA for billing and that it used "forensic experts" to investigate the problem.

Both LabCorp and Quest said that AMCA has not yet provided detailed information about the incident, including which customers may have been affected.

"LabCorp takes data security very seriously, including the security of data processed by vendors," the company said Tuesday.

On Monday, Quest said it remains "committed to keeping our patients, health care professionals and all relevant parties informed as we learn more."

Source link

Back to top button