A day after Quest Diagnostics announced 12 million patients were affected by a data breach, another medical testing company says its patients’ data was also compromised.
In a filing with the U.S. Securities and Exchange Commission on Tuesday, LabCorp. said “approximately 7.7 million consumers” are affected by a breach at third-party collections firm American Medical Collection Agency, also known as AMCA.
According to the SEC document, the breach happened between Aug. 1, 2018, and March 30, 2019. Information that could have been exposed includes names, addresses, dates of birth and balance information.
“AMCA’s affected system also included credit card or bank account information that was provided by the consumer to AMCA (for those who sought to pay their balance),” the SEC filing said. “LabCorp provided no ordered test, laboratory results, or diagnostic information to AMCA.”
Quest Diagnostics data breach: Nearly 12M Quest Diagnostics customers may have had data compromised, reports say
Mortgage data breach: First American Financial exposed data in millions of mortgage documents, report says
AMCA is the same collections firm who worked with Quest.
The filing says “Social Security Numbers and insurance identification information are not stored or maintained for LabCorp consumers.”
The news was first reported by the KrebsOnSecurity security news site.According to the SEC filing, AMCA is continuing to investigate the incident and “has taken steps to increase the security of its systems, processes, and data.
“LabCorp takes data security very seriously, including the security of data handled by vendors. AMCA has informed LabCorp that it intends to provide the approximately 200,000 affected LabCorp consumers with more specific information about the AMCA Incident, in addition to offering them identity protection and credit monitoring services for 24 months,” the filing said. “LabCorp is working closely with AMCA to obtain more information and to take additional steps as may be appropriate once more is known about the AMCA Incident.”
This story will be updated.
Follow USA TODAY reporter Kelly Tyko on Twitter: @KellyTyko