[BreachExchange] Another 2.2 million patients affected by AMCA data breach

Destry Winant destry at riskbasedsecurity.com
Thu Jul 18 10:19:25 EDT 2019


https://techcrunch.com/2019/07/17/millions-patients-amca-breach/

Another clinical lab ensnared in the AMCA data breach has come forward.

Clinical Pathology Laboratories (CPL) says 2.2 million patients may
have had their names, addresses, phone numbers, dates of birth, dates
of service, balance information and treatment provider information
stolen in the previously reported breach.

Another 34,500 patients had their credit card or banking information
compromised.

The breach was limited to U.S. residents, the company said.

CPL blamed AMCA, which it and other labs used to process payments for
their patients, for not providing more details on the breach when it
was disclosed in June.

“At the time of AMCA’s initial notification, AMCA did not provide CPL
with enough information for CPL to identify potentially affected
patients or confirm the nature of patient information potentially
involved in the incident, and CPL’s investigation is on-going,” said
the company in a statement.

LabCorp was first hit with 7.7 million patients affected, then 11.9
million Quest Diagnostics patients were next. BioReference
Laboratories pushed the breachover the 20 million mark.

Then, AMCA filed for bankruptcy protection amid several class action suits.

Several lawmakers have since contacted both Quest and LabCorp, two of
the biggest laboratories in the U.S. to demand answers about the
breach and why it went undetected for close to a year.


More information about the BreachExchange mailing list