Quest Diagnostics, a medical laboratory testing company with about 20 locations in the central San Joaquin Valley, announced Monday a nationwide data breach that exposed the personal information of nearly 12 million patients.
In a news release, the company said an “unauthorized user” tapped into the database of a billing collection company Quest uses. The company, American Medical Collection Agency (AMCA), believes the compromised information includes financial and medical data, along with Social Security numbers, but not laboratory test results.
Quest is one of the Valley’s most common destinations for people who need to have blood drawn for numerous medical test results.
The collection agency first notified Quest about the data breach May 14. On Monday, AMCA told Quest that about 11.9 million patients were affected. Quest and an intermediary billing collections company, Optum360, are working with forensics experts to investigate the hack, Quest said in its announcement.
Earlier today we released our statement regarding the American Medical Collection Agency (AMCA) data security incident. Find the full statement here: https://t.co/T0QKFvylAT
— Quest Diagnostics (@QuestDX) June 3, 2019
Quest noted that AMCA has yet to provide further details about the data breach, including any information about individuals who may have been affected.
“Since learning of the AMCA data security incident, we have suspended sending collection requests to AMCA,” Quest said.
If the hacked data is used to disadvantage a person whose information was hacked, what recourse will that person have to Quest or other Quest-related entity?