Nearly 20.1 million patients affected by AMCA data breach

A third-party medical bill collection vendor AMCA (American Medical Collection Agency) has been hit by a serious data-breach; as a result nearly 20.1 million patients who are getting services from Quest Diagnostics, LabCorp, OPKO health Inc. are affected by this major data-breach.  This data breach has already attracted the attention of Congress Sens. Bob Menendez, D-N.J., Cory Booker, D-N.J., and Mark Warner, D-Va. They have written this medical testing company to give the government more details about this breach. On June 5 Menendez and Booker wrote a letter to Quest CEO Stephen Rusckowski, where they stated “We are deeply concerned that this breach compromised personal, financial, and medical information of nearly 12 million Quest Diagnostics Inc. patient,”

American Medical Collection Agency says personal information, financial data, social security numbers and medical data has been breached by this  security incident, but not laboratory test results.

Now let’s check, which medical testing companies and how much they are affected by this data-breach.

Quest Diagnostics
From Wikipedia, Quest Diagnostics, official website, is an American Clinical Laboratory, which was founded in 1967 as Metropolitan Pathology Laboratory, Inc. It became an independent corporation with the Quest name on December 31, 1996, as describe in Wikipedia. Quest Diagnostics is a Fortune 500 company. It operates in various countries like United States, United Kingdom, Mexico and Brazil.

About Data breach – Quest Diagnostics confirmed that 11.9 million patients are affected by AMCA (American Medical Collection Agency) hack. Quest Diagnostics works with American Medical Collection Agency. American Medical Collection Agency first notified Quest Diagnostic on May 14, 2019, that they have found an unauthorized activity on American Medical Collection Agency official website’s payment system. Later on 31 May, 2019 American Medical Collection Agency notified again Quest Doagnostic that nearly 11.9 million people from Quest Diagnostic have been affected by American Medical Collection Agency’ s data breach.

What Quest Diagnostic are saying about this data breach..

“AMCA has not yet provided Quest or Optum360 detailed or complete information about the AMCA data security incident, including which information of which individuals may have been affected. And Quest has not been able to verify the accuracy of the information received from AMCA.
 
Quest is taking this matter very seriously and is committed to the privacy and security of our patients' personal information. Since learning of the AMCA data security incident, we have suspended sending collection requests to AMCA.
 
Quest will be working with Optum360 to ensure that Quest patients are appropriately notified consistent with the law.
 
We are committed to keeping our patients, health care providers, and all relevant parties informed as we learn more.”

LabCorp
From Wikipedia, LabCorp, official website, LabCorp also known as Laboratory Corporation of America Holdings. Laboratory Corporation of America Holdings’s headquarter is situated in Burlington, North Carolina. It was founded in September 5, 1978 as Roche BioMedical.

About Data Breach – Nearly 7.7 Million LabCorp patients are affected by American Medical Collection Agency data breach. LabCorp confirmed that first name and last name, date of birth, address, phone, date of service, provider, and balance information are exposed by this major security breach.

What LabCorp are saying about this data breach

  • LabCorp systems and the data on our systems were not affected by the AMCA incident
  • LabCorp did not provide test, laboratory results, or clinical information to AMCA
  • AMCA indicates that it did not maintain Social Security Numbers or insurance information for LabCorp patients
  • AMCA’s affected system may have contained patient personal information provided by LabCorp and, for a more limited number of patients, financial information provided by the patient to AMCA
  • LabCorp takes data privacy and security very seriously, including the security of data handled by vendors
  • We continue to investigate and to work with AMCA to learn more about this incident

OPKO
From Wikipedia, OPKO, official website, is a medical test and medication company. It’s headquarter is located at Miami, Florida. OPKO is mainly focused on diagnostics and pharmaceuticals. It operates in more than 30 countries.

About Breach – Nearly 422,600 patients are affected by American Medical Collection Agency security incident. American Medical Collection Agency told OPKO that between August 1, 2019 and March 30, 2019, an unauthorized party accessed the data of OPKO patients. Breach data may have include patient name, date of birth, address, phone, date of service, provider and balance information.