Nearly 12 million Quest Diagnostics customers may have had their financial, medical, and other personal information exposed in a data breach, CNBC reports.
In a filing with the Securities and Exchange Commission, Quest says American Medical Collection Agency, a billing collections service provider hired by Quest contractor Optum360, informed it of potential unauthorized activity on its web payment page, CNBC adds. It notes the unauthorized user had access between Aug. 1, 2018, and March 30, 2019. The system that unauthorized user accessed includes credit card numbers, bank account information, medical information, and Social Security numbers, but not lab test results, according to Quest.
Quest has suspended its use of AMCA and is having forensic experts look into the matter, CNN reports, noting that Quest says AMCA has not given it detailed information about what took place or which customers were affected. CNN adds that AMCA has said it too is investigating what occurred.
"We are committed to keeping our patients, health care providers, and all relevant parties informed as we learn more," Quest says in a statement.