• COVID-19
  • Opinion
  • Health IT
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Patient Engagement
    • Population Health Management
    • Revenue Cycle Management
    • Social Determinants of Health
  • Digital Health
    • Artificial Intelligence
    • Blockchain
    • Mobile Health
    • Precision Medicine
    • Telehealth
    • Wearables
  • Startups
  • M&A
  • Value-based Care
    • Accountable Care (ACOs)
    • Medicare Advantage

LabCorp Confirms 7.7M Customers Exposed by Data Breach from AMCA Payment Portal

by Fred Pennic 06/05/2019 Leave a Comment

LabCorp Confirms 7.7M Customers Exposed by Data Breach from AMCA Payment Portal

Just a day after Quest Diagnostics confirmed a data breach, LabCorp has confirmed that nearly 7.7 million customers’ personal information may have been exposed due to a data breach from third-party collections firm American Medical Collection Agency (AMCA). According to a U.S. Securities and Exchange CommissionOpens a New Window. (SEC) filing, unauthorized activity on AMCA’s web payment page occurred between August 1, 2018, and March 30, 2019.

The exposed data could include first and last name, date of birth, address, phone, date of service, provider, balance information, credit card or bank account information. LabCorp confirmed that no ordered test, laboratory results, or diagnostic information was provided to AMCA. AMCA has advised LabCorp that Social Security Numbers and insurance identification information are not stored or maintained for LabCorp consumers.

AMCA has indicated that it is continuing to investigate this incident and has taken steps to increase the security of its systems, processes, and data. AMCA has informed LabCorp that it intends to provide the approximately 200,000 affected LabCorp consumers with more specific information about the AMCA Incident, in addition to offering them identity protection and credit monitoring services for 24 months, the SEC document stated.

LabCorp is working closely with AMCA to obtain more information and to take additional steps as may be appropriate once more is known about the AMCA Incident.

The Impact of Companies Passing Personal Data to Third Parties

“This is a third party losing data belonging to LabCorp’s customers, and as such, it shines a light on the risks that arise when companies pass personal data on to other companies fairly freely. Of course, as more organizations have access to your data, the greater the chance there is for it to become leaked – amplifying risk. This signifies the complexity of the way that companies use your data, with many players responsible for data privacy,” said Nicko van Someren, Chief Technology Officer at Absolute, a provider of endpoint security. 

“According to Gartner, global spending on information security is predicted to exceed $124 billion in 2019, yet we’re still witnessing breaches like this one confirmed by LabCorp – further proving that complexity is a clear and present rival of cybersecurity. Most organizations have risk profiles and commitments with their vendors, especially those handling PHI as a third-party. But, when you multiply the number of connections, data flows, EDIs, and other exchanges, there is bound to be something that was neglected. In this case, we know that visibility is key, but then what? You’ll probably find a graveyard of broken, disabled, and failing agents and controls. So how does one stay resilient when the technology cannot withstand the slightest perturbation on the device? By persisting the critical controls necessary to deliver a resilient environment. We must realize that resilience is our most critical defense in the face of changing threats, ever-present vulnerabilities, and a sprawling attack surface,” Someren added. 

RELATED:   Death by Ransomware: Poor Healthcare Cybersecurity

Tagged With: Cybersecurity, LabCorp, PHI, Portal, Quest Diagnostics, risk

[ultimatesocial networks="facebook,twitter,google,linkedin,mail" url="" custom_class="us-posts-bottom" align="left" count="false"]

Get in-depth healthcare technology analysis and commentary delivered straight to your email weekly

« Boston Medical Center Joins Medicaid Transformation Project with 27 Health Systems
NextGen Healthcare Launches Behavioral Health EHR to Streamline Patient Data »

Subscribe to HIT Consultant

Latest insightful articles delivered straight to your inbox weekly.

Submit a Tip or Pitch

Recent Articles

  • Cerner Leadership Changes, Other Key Executives Hires

    ... more
  • QGenda acquires Shift Admin – M&A

    QGenda Acquires Automated Provider Scheduling Platform Shift Admin – M&A

    ... more
  • Telehealth After COVID-19: What's Next for the Healthcare Industry?

    Transitioning from Traditional to E-Fax: How Healthcare Communications are Transforming Post-COVID

    ... more
  • FCC COVID-19 Telehealth Program Providers

    FCC Unveils 14 Initial Projects Selected for $100M Connected Care Pilot Program

    ... more

Most Read

  • Cerner Leadership Changes, Other Key Executives Hires
  • 20 COVID-19 Predictions and Trends for 2021 - Executive Roundup 20 COVID-19 Predictions and Trends for 2021 – Executive Roundup
  • Job Titles for Healthcare Executives The Top 9 Most In-Demand Medical Jobs
  • 5G in Healthcare: 7 Advantages & Disadvantages for Providers to Know 5G in Healthcare: 7 Advantages & Disadvantages for Providers to Know
  • 30 Executives Share Top Healthcare Predictions & Trends to Watch in 2021 30 Executives Share Top Healthcare Predictions & Trends to Watch in 2021
  • FDA Approves COVID-19 Oral Fluid Test for Use Nationwide In-Depth: 32 FDA-Approved COVID-19 Testing Kits
  • FCC COVID-19 Telehealth Program Providers FCC Unveils 14 Initial Projects Selected for $100M Connected Care Pilot Program
  • Healthcare Breach Report 2016 6 Ways Health Informatics Is Transforming Health Care
  • Travel Nurse Pay Nearly Doubles Nationwide from Coronavirus Outbreak Travel Nurse Pay Nearly Doubles Nationwide from Coronavirus Outbreak
  • CVS Health Launches Senior Medical Alert System, Symphony CVS Health Launches Senior Medical Alert System, Symphony

Company

  • About Us
  • Advertise with Us
  • Reprints and Permissions
  • 2020 Editorial Calendar
  • Submit An Op-Ed
  • Contact
  • Subscribe

Editorial Coverage

  • Opinion
  • Health IT
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Population Health Management
    • Revenue Cycle Management
  • Digital Health
    • Artificial Intelligence
    • Blockchain Tech
    • Precision Medicine
    • Telehealth
    • Wearables
  • Startups
  • Value-Based Care
    • Accountable Care
    • Medicare Advantage

Connect

Subscribe to HIT Consultant Media

Latest insightful articles delivered straight to your inbox weekly

Copyright © 2021. HIT Consultant Media. All Rights Reserved. Privacy Policy |