Quest Diagnostics and LabCorp Data Breach Investigations

Stueve Siegel Hanson is currently investigating the recent data breaches reported by Quest Diagnostics and LabCorp.

Quest Diagnostics Data Breach Lawsuit Investigation: On June 3, 2019, Quest Diagnostics reported a data breach that affected approximately 11.9 million of their patients. According to Quest’s billing collections vendor, American Medical Collection Agency (AMCA), an unauthorized user had access to credit card numbers, bank account information, “medical information” and other sensitive data, including Social Security Numbers, on its web payment page between August 1, 2018 and March 30, 2019.  Quest has said that AMCA did not have access to lab result data, and therefore this information is not affected. 

Quest is said to be verifying the accuracy of the information received from AMCA, but suspended collection requests to AMCA after learning of the breach. AMCA has stated that it learned of the breach through a security compliance firm that works with credit card companies.

LabCorp Data Breach Lawsuit Investigation:  On June 4, 2019, LabCorp reported a data breach that affected approximately 7.7 million of their patients.  According to LabCorp’s billing collections vendor, AMCA (the same vendor used by Quest Diagnostics), an unauthorized user had access to names, dates of birth, addresses, phone numbers, dates of service, provider, credit card or bank information, and balance information on its web payment page between August 1, 2018 and March 30, 2019.  LabCorp has said it provided no lab tests or results to AMCA and that AMCA has advised LabCorp that Social Security numbers and insurance identification information are not stored or maintained for LabCorp customers.

LabCorp has reported that it is working to obtain more information, but has ceased sending new collection requests to AMCA after learning of the breach.

Cybercriminals continue to target medical companies who have access to millions of peoples’ medical records and other very sensitive data as it draws a far higher price on the dark market than credit card details. Healthcare organizations must have the proper systems in place to detect and prevent attacks on consumer data.

If you have used Quest Diagnostics or LabCorp and believe your information may have been exposed, please call 1-855-803-8377 or fill out the form at the right side of this page.

Stueve Siegel Hanson is an industry-leader in data breach and cybersecurity litigation. Stueve Siegel Hanson attorneys have prosecuted cases involving the largest data breaches in U.S. history, securing millions of dollars for affected consumers. For more information about our data breach practice, click here.

  • Our pick for bet-the-company litigation

    - CEO, Heartland Spine & Specialty Hospital
  • Stueve Siegel Hanson 'beats the big guys in court'

    - Modern Healthcare covering SSH landmark anti-trust case
  • Big firm lawyers, small firm service.

    – President – Overlap, Inc.
  • Best of the Bar

    – Kansas City Business Journal
  • One of the best plaintiff’s lawyers in the country.

    – Lawdragon Magazine

Contact Us



  • Benchmark Plaintiff

    Benchmark Plaintiff

  • Commercial Litigation

    Commercial Litigation

  • Super Lawyers 2017

    Super Lawyers 2017

  • American Association for Justice

    American Association for Justice

  • Best Lawyers

    Best Lawyers

The information you obtain at this site is not, nor is it intended to be, legal advice. You should consult an attorney for advice regarding your individual situation. We invite you to contact us and welcome your calls, letters and electronic mail. Contacting us does not create an attorney-client relationship. Please do not send any confidential information to us until such time as an attorney-client relationship has been established.

The choice of a lawyer is an important decision and should not be based solely upon advertisements.