June 5, 2019 — One day after Quest Diagnostics notified its users of a data breach, LabCorp announced one of its own.
LabCorp says in a filing with the Securities and Exchange Commission that its billing collections vendor, American Medical Collection Agency, had unauthorized activity on its payment page. About 7.7 million consumers whose data was stored on AMCA’s system are affected.
Information such as name, date of birth, address, phone number, date of service, provider, and balance information are included. AMCA’s system also includes consumers’ credit card and bank account information.
Thankfully, AMCA says Social Security numbers and insurance identification information were not stored on the hacked systems.
LabCorp is sending 200,000 notices to customers whose credit card and bank account information might have been hacked. In an effort to soothe customer concerns, LabCorp will offer identify protection and credit monitoring services for 2 years.
AMCA says it is continuing to investigate and has taken steps to boost the security of its systems, processes, and data.
LabCorp says it takes “data security very seriously, including the security of data handled by vendors.”
The LabCorp hacking comes the same week Quest, another major medical testing company, announced millions of its patients’ files may have been stolen in a separate data breach. But in the Quest case, Social Security numbers may have been included in the hacked data.