LabCorp confirmed that it was affected by a third-party data breach.
Earlier this week, it was reported that American Medical Collection Agency (AMCA), a vendor that processes payments for LabCorp and other companies, had their payment pages hit by hackers. Now LabCorp, a North Carolina-based medical company, is reporting that 7.7 million patients had their personal and financial data stolen by the hackers.
This is the same hack that affected 11.9 million patients at Quest Diagnostics.
According to LabCorp, the stolen data includes patient’s name, date of birth, address, phone number, date of service, provider, and balance information.
In a filing to the Securities and Exchange Commission, LabCorp said, “AMCA’s affected system also included credit card or bank account information that was provided by the consumer to AMCA.” However, no medical data or lab diagnostic results data was taken. And, like the Quest Diagnostic breach, LabCorp’s data incident dated back to August 1, 2018, until March 30, 2019.
So far, the total number of patients affected in the AMCA payments page breach is nearly 20 million.