Quest Diagnostics Investigates Data Breach Affecting 11.9 Million Patients
One of the nation’s leading medical testing providers, Quest Diagnostics, has suffered a data breach. The incident affected approximately 11.9 million patients, and included credit card and banking information, names, Social Security Numbers and some medical information.
The breach occurred with a third-party billing company, American Medical Collection Agency (AMCA). Between August 1, 2018 and March 30, 2019, an “unauthorized user” gained access to information in AMCA’s database, including patient data from Quest Diagnostics and other entities.
AMCA acts as a collection agency for Quest Diagnostics. They only had access to financial information, not lab results. Laboratory tests were not included in the breach.
According to Quest Diagnostics, the company “serves about half of the physicians and hospitals in the U.S,” and provides services to “30 percent of American adults each year.”
Since the breach, Quest Diagnostics has stopped sending collections requests to AMCA, and hired a team of forensics experts to investigate the matter.
Quest Diagnostics experienced a separate data breach in 2016. Another “unauthorized user” accessed the MyQuest patient portal and gathered lab test results and personal information for 34,000 patients. Payment information was not involved in that incident.