Photo: andresr via Getty Images
An "unauthorized user" at the collections firm American Medical Collection Agency may have accessed information on 11.9 million Quest Diagnostics patients, according to a securities filing by Quest.
Why it matters: Quest Diagnostics is a major national provider of lab work, and the information stored by AMCA included "financial information (e.g., credit card numbers and bank account information), medical information and other personal information (e.g., Social Security Numbers)," according to the filing.
Details: In a statement, Quest says that its contractor Optum360 used AMCA, and that AMCA has provided neither Quest Diagnostics nor Optum360 "detailed or complete information about the AMCA data security incident, including which information of which individuals may have been affected."
- However, Quest says the unauthorized user had access to the AMCA systems between Aug. 1, 2018, and March 30, 2019.
- Quest says it has suspended sending collections to AMCA, is abiding by all notification regulations and will work with third-party security experts to investigate the breach.
What they're saying: "We are committed to keeping our patients, health care providers, and all relevant parties informed as we learn more," Quest said in a statement.