Medical and financial details of 12 million Americans exposed in Quest Diagnostics data breach
Medical testing firm and clinical laboratory Quest Diagnostics has revealed that a data breach has led to the records of nearly 12 million of its customers being exposed. The data includes financial data, Social Security numbers and medical information.
Quest Diagnostics was itself not the target of hackers, but the American Medical Collection Agency (AMCA) was. The company is used by Optum360 for billing collections services, and Optum360 is used by Quest Diagnostics.
- Flipboard hacked -- attackers had access to database of user information for 9 months
- Google recalls Bluetooth version of Titan Security Key after discovering hacking vulnerability
- Hackers steal $40 million of Bitcoin from crypto exchange Binance
The laboratory says that it was notified by AMCA on May 14 about potential unauthorized activity on AMCA's web payment page. Two weeks later Quest and Optum360 were told that the personal information of 11.9 million Quest Diagnostic customers were included.
In a statement about the incident, Quest Diagnostics says:
On May 31, 2019, AMCA notified Quest and Optum360 that the data on AMCA's affected system included information regarding approximately 11.9 million Quest patients. AMCA believes this information includes personal information, including certain financial data, Social Security numbers, and medical information, but not laboratory test results.
AMCA has not yet provided Quest or Optum360 detailed or complete information about the AMCA data security incident, including which information of which individuals may have been affected. And Quest has not been able to verify the accuracy of the information received from AMCA.
Quest says that it is working with Optum360, and has suspended sending collection requests to AMCA.