Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

LabCorp Says 7.7 Million Patients Caught in AMCA Data Breach

One day after medical testing firm Quest Diagnostics revealed that nearly 12 million of its patients had their personal and financial information exposed as a result of a breach at the American Medical Collection Agency (AMCA), LabCorp has come forward to say that the incident has also impacted 7.7 million of its customers.

One day after medical testing firm Quest Diagnostics revealed that nearly 12 million of its patients had their personal and financial information exposed as a result of a breach at the American Medical Collection Agency (AMCA), LabCorp has come forward to say that the incident has also impacted 7.7 million of its customers.

AMCA told SecurityWeek that it’s in the process of investigating “a data incident involving an unauthorized user accessing the American Medical Collection Agency system.” However, the billing collections service provider has not shared any additional details about the attack or how many of its customers have been hit.

AMCA did tell Quest and LabCorp that attackers targeted its payment portal and they had access to its systems between August 1, 2018, and March 30, 2019.

In an 8-K filing with the U.S. Securities and Exchange Commission (SEC) — Quest also disclosed the incident through a SEC filing — healthcare diagnostics company LabCorp said AMCA stored information on roughly 7.7 million of its customers. The compromised information includes name, date of birth, address, phone number, date of service, provider, and balance information.

Attackers may have also accessed credit card or bank account information, but LabCorp said diagnostic information, social security numbers, and insurance information are not stored or maintained for its customers by AMCA. It’s worth noting that AMCA did store social security numbers in the case of Quest.

“AMCA has informed LabCorp that it is in the process of sending notices to approximately 200,000 LabCorp consumers whose credit card or bank account information may have been accessed. AMCA has not yet provided LabCorp a list of the affected LabCorp consumers or more specific information about them,” LabCorp said.

LabCorp learned of the breach from Retrieval-Masters Creditors Bureau, one of the names used by AMCA. LabCorp said AMCA will provide the 200,000 consumers more specific information, along with identity protection and credit monitoring services for two years.

Similar to Quest, LabCorp said it stopped sending any data to AMCA following the disclosure of the breach.

Advertisement. Scroll to continue reading.

According to DataBreaches.net, researchers at Gemini Advisory, a company that monitors the dark web for compromised credentials and financial information, came across payment card information for roughly 200,000 individuals. An analysis showed that the data likely came from AMCA, which failed to respond to Gemini Advisory’s notifications, but the company suspended its payment portal after the cybersecurity firm informed federal law enforcement.

This is the second time LabCorp is caught in a cybersecurity incident in the past year. The company was forced to take some of its systems offline in July 2018 due to a ransomware attack.

Related: Lab Testing Firm Eurofins Scientific Hit by Ransomware

Related: Managed Healthcare Provider Humana Discloses Data Breach

Related: Healthcare Firm EmCare Says 60,000 Employees and Patients Exposed in Breach

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...