The company said millions of customers had referred to AMCA for billing collections, and 7.7 million customers stored their data in the hacked system.
AMCA's system stored customers' first and last names, credit cards and bank account numbers, birth dates, addresses, phone numbers, dates of use, health care provider information, and the amount that customers had to pay. LabCorp said it did not provide AMCA with information on tests, laboratory results or diagnostic information. AMCA said it did not store social security numbers.
LabCorp said that it will no longer do business with AMCA. The billing collection company said it continues to investigate the breach and has taken down the online payment page.
"We are committed to our system's security, data security and protection of personal information," the company said.
Quest also said it has stopped using AMCA for billing and that it used "forensic experts" to investigate the problem.
Both LabCorp and Quest said that AMCA has not yet provided detailed information about the incident, including which customers may have been affected.
"LabCorp takes data security very seriously, including the security of data processed by vendors," the company said Tuesday.
On Monday, Quest said it remains "committed to keeping our patients, health care professionals and all relevant parties informed as we learn more."