Quest, LabCorp, and AMCA Data Breach Lawsuit Investigations

06.05.2019

Stueve Siegel Hanson is currently investigating the recent data breaches reported by Quest Diagnostics, LabCorp, Clinical Pathology Laboratories, American Esoteric Laboratories, CareCentrix, BioReference, and Sunrise Laboratories, as well as a number of other companies listed below.

Quest Diagnostics Data Breach Lawsuit Investigation: On June 3, 2019, Quest Diagnostics reported a data breach that affected approximately 11.9 million of their patients. According to Quest’s billing collections vendor, American Medical Collection Agency (AMCA), an unauthorized user had access to credit card numbers, bank account information, “medical information” and other sensitive data, including Social Security Numbers, on its web payment page between August 1, 2018 and March 30, 2019.  Quest has said that AMCA did not have access to lab result data, and therefore this information is not affected. 

Quest is said to be verifying the accuracy of the information received from AMCA, but suspended collection requests to AMCA after learning of the breach. AMCA has stated that it learned of the breach through a security compliance firm that works with credit card companies.

LabCorp Data Breach Lawsuit Investigation:  On June 4, 2019, LabCorp reported a data breach that affected approximately 7.7 million of their patients.  According to LabCorp’s billing collections vendor, AMCA (the same vendor used by Quest Diagnostics), an unauthorized user had access to names, dates of birth, addresses, phone numbers, dates of service, provider, credit card or bank information, and balance information on its web payment page between August 1, 2018 and March 30, 2019. On July 13, 2019, LabCorp provided an update stating that health insurance information and Social Security Numbers may have been included in the breach for some individuals.

LabCorp has reported that it is working to obtain more information, but has ceased sending new collection requests to AMCA after learning of the breach.

Other companies impacted by the AMCA data breach include:

  • Clinical Pathology Laboratories
  • American Esoteric Laboratories
  • CareCentrix
  • BioReference
  • Sunrise Laboratories
  • CBLPath
  • Laboratory Medicine Consultants
  • Austin Pathology Associates
  • South Texas Dematopathology
  • Pathology Solutions
  • Penobscot Community Health Center Maine
  • Seacoast Pathology
  • Arizona Dermatopathology
  • Western Pathology
  • Laboratory Dermatopathology ADX
  • Natera

Cybercriminals continue to target medical companies who have access to millions of peoples’ medical records and other very sensitive data as it draws a far higher price on the dark market than credit card details. Healthcare organizations must have the proper systems in place to detect and prevent attacks on consumer data.

If you have used Quest Diagnostics, LabCorp, Clinical Pathology Laboratories, or any of the above-listed companies and believe your information may have been exposed, please call 1.855.803.8377 or contact us here.

Stueve Siegel Hanson is an industry-leader in data breach and cybersecurity litigation. Stueve Siegel Hanson attorneys have prosecuted cases involving the largest data breaches in U.S. history, securing millions of dollars for affected consumers. For more information about our data breach practice, click here.

Jump to Page