In our last blog, we analyzed the lesson about third party vendor issues in the Lab Corp breach earlier this year. In today’s blog, we will be looking at the largest breach so far this year, the Quest Diagnostics breach.
Quest Diagnostics, the medical testing company, reported a data breach that has affected about 11.9 million patients after an “unauthorized user’’ gained access to financial data, Social Security numbers, and medical data, but not laboratory test results.
The US clinical laboratory said that American Medical Collection Agency (AMCA), a billing collections provider that works with Quest, informed the company that an unauthorized user had managed to obtain access to AMCA systems. That unauthorized activity took place on “AMCA’s web payment page,” which may suggest a card skimmer was in play. No matter how it was done, millions of patients’ private information is now compromised.
If you have ever had testing, bloodwork, or any other medical work done through Quest, you may end up being personally affected. AARP has recently sent a notification out to its clients stating that clients take proactive steps to guard personally identifiable information.
Freeze Your Credit Report
Because Social Security numbers are believed to have been compromised in the Quest breach, put a freeze on your credit report at each of the major credit reporting agencies: Experian, Equifax, and TransUnion.
Keep Your Medical Receipts
If you paid for a service from Quest and know how you paid, whether by credit card or using a bank account, monitor that account closely.
Change Your Password
If you have a log-in for a Quest account to pay your bill or make an appointment, change your username and create a unique password you haven’t used before.
In the grand scheme of things, the Quest breach was not nearly as big as the Yahoo breach that impacted 3 billion accounts in 2013, or the 500 million people who were affected by a Marriott International breach in 2018. This breach feels personal, however, since it impacts peoples’ private medical data and testing results.
If your company needs help securing its network or recovering from a breach, call M&H Consulting for more information at 1-866-964-8324 or visit our website.
Categorised in: data breach, data management, hacking, IT Consulting Services, Security