Quest Diagnostics said Monday that 11.9 million Quest Diagnostics patients may have had their personal, financial, and medical exposed in a data breach that happened through a contractor of a contractor. 

Quest outsources its billing collections to Optum360, which in subsequently used American Medical Collection Agency (AMCA) for such services, and were both notified by AMCA of a security incident on May 14. AMCA has yet to announce details of the breach to the public, but in a filing with the U.S. Securities and Exchange Commission (SEC), AMCA revealed that hackers had access to its payment systems from August 1, 2018 until March 30, 2019. 

In the filing, AMCA claimed during the eight-month period attackers gained access to financial, medical and other personal information, including social security numbers, credit card details, and bank account information. 

AMCA has not provided Quest or Optum360 with the full details of the incident as the investigation is currently ongoing. In the meantime, Quest is not able to verify the number of individuals that may have been affected by this incident, what forms of financial data have been exposed, or whether the information was protected by encryption. Quest has confirmed that no laboratory test results were exposed during this incident. 

Quest has not revealed what forms of financial data have been exposed, such as whether card numbers or security codes are included, or whether or not encryption was in place to protect this information.

Time and time again we see companies looking to cut costs by outsourcing core responsibilities to third-party providers, but in doing so businesses and its customers become increasingly more exposed to uncontrollable security risks. The healthcare industry continues to be a prime target for cybercriminals became there are so many moving parts to go after, so many different entry points for hackers to exploit with inadequate security. 

NNT solutions combine the essential, foundational security controls recommended by all leading security frameworks such as HIPAA HITECH and CIS with the operational discipline of change management. With the essential security controls in place and the ability to correlate changes within an environment with an approved ticket or set of rules, healthcare providers are l able to prepare for an audit and prevent and protect themselves and patients against all forms of risk, all while gaining full control over changes for security and operational peace of mind. 

Learn more about NNT's Solutions for the Healthcare Industry





NNT Suite of Products

change tracker gen7r2 logo

Combine industry leading Device Hardening, File Integrity Monitoring, Change Control, Configuration Management & Compliance Management into one easy to use solution that can scale to the most demanding environments!

fastcloud logo

Automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology) Integrity Assurance.

log tracker logo logo

Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds.

vulnerability tracker logo

Continuously scan and identify vulnerabilities with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

USA Offices
New Net Technologies LLC
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
1175 Peachtree St NE
Atlanta, Georgia, 30361.

Tel: (844) 898-8358
email [email protected]
UK Office
New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire

Tel: 01582 287310
email [email protected]
CIS benchmarking SEWP Cybersecurity 500Sans Institute Now Certified IBM Security
Copyright 2020, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.