Quest Diagnostics said Monday that 11.9 million Quest Diagnostics patients may have had their personal, financial, and medical exposed in a data breach that happened through a contractor of a contractor. 

Quest outsources its billing collections to Optum360, which in subsequently used American Medical Collection Agency (AMCA) for such services, and were both notified by AMCA of a security incident on May 14. AMCA has yet to announce details of the breach to the public, but in a filing with the U.S. Securities and Exchange Commission (SEC), AMCA revealed that hackers had access to its payment systems from August 1, 2018 until March 30, 2019. 

In the filing, AMCA claimed during the eight-month period attackers gained access to financial, medical and other personal information, including social security numbers, credit card details, and bank account information. 

AMCA has not provided Quest or Optum360 with the full details of the incident as the investigation is currently ongoing. In the meantime, Quest is not able to verify the number of individuals that may have been affected by this incident, what forms of financial data have been exposed, or whether the information was protected by encryption. Quest has confirmed that no laboratory test results were exposed during this incident. 

Quest has not revealed what forms of financial data have been exposed, such as whether card numbers or security codes are included, or whether or not encryption was in place to protect this information.

Time and time again we see companies looking to cut costs by outsourcing core responsibilities to third-party providers, but in doing so businesses and its customers become increasingly more exposed to uncontrollable security risks. The healthcare industry continues to be a prime target for cybercriminals became there are so many moving parts to go after, so many different entry points for hackers to exploit with inadequate security. 

NNT solutions combine the essential, foundational security controls recommended by all leading security frameworks such as HIPAA HITECH and CIS with the operational discipline of change management. With the essential security controls in place and the ability to correlate changes within an environment with an approved ticket or set of rules, healthcare providers are l able to prepare for an audit and prevent and protect themselves and patients against all forms of risk, all while gaining full control over changes for security and operational peace of mind. 

Learn more about NNT's Solutions for the Healthcare Industry





The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)

[email protected]

United Kingdom

5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023

 [email protected]
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2023, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.