Quest Diagnostics, one of the nation’s largest blood test providers, says financial and medical information may have been compromised in the breach which is being blamed on an issue with one of its vendors.
Between 08/01/2018 and 03/30/2019 someone was able to gain unauthorized access to the computer system of AMCA which is a billing collections vendor contracted by Quest according to a securities regulator filing. Affected information in AMCA’s system includes financial information such as banking information and credit card numbers, medical information, and other personal information such as social security numbers. Patient lab results were not affected by the breach as they are not stored or accessed by AMCA, according to Quest.
11.9 million Quest patient’s data has reportedly been affected as of 05/31/2019, according to Quest they have not received a detailed or complete information report regarding the full extent of the damage that may have been done.
“Quest Diagnostics takes this matter very seriously and is committed to the privacy and security of patients’ personal, medical and financial information.”
A firm working with AMCA to investigate the beach announced after an internal review was conducted the web payment page has been taken down.
“Upon receiving from a security compliance firm that works with credit card companies of a possible security compromise, we conducted an internal review, and then took down our web payments page. We hired a third-party external forensics firm to investigate any potential security breach in our systems, migrated our web payments portal services to a third-party vendor, and retained additional experts to advise on, and implement, steps to increase our systems’ security. We have also advised law enforcement of this incident. We remain committed to our system’s security, data privacy, and the protection of personal information.”
Ever since the push started to convert medical records from paper to EHR there have been many to oppose it saying there would be backdoors created for those who want to pry into personal and private data, apparently hackers are figuring out how to gain access as well to what once was private information, situations such as this serve to add fuel to the fire.
“The dark side of the data age rears its ugly head once again….who will be compensating those of us who have been compromised?” writes a commenter at NBCNewYork.com.