LabCorp, a medical testing company, recently suffered a massive data breach that affected around 7.7 million of its patients’ data. According to a filing with the U.S. Securities and Exchange Commission, LabCorp. said it discovered the breach at a third-party billing collections firm, the American Medical Collection Agency (AMCA), between August 1, 2018, and March 30, 2019.
The company stated the exposed information could include personal and financial data like – first and last name, date of birth, address, phone, date of service, provider, and balance information. The breach also exposed credit card and bank numbers attached to around 200,000 accounts, according to the filing.
“AMCA’s affected system also included credit card or bank account information that was provided by the consumer to AMCA (for those who sought to pay their balance). LabCorp provided no ordered test, laboratory results, or diagnostic information to AMCA. AMCA has advised LabCorp that Social Security Numbers and insurance identification information are not stored or maintained for LabCorp consumers,” the filing reads.
“It is in the process of sending notices to approximately 200,000 LabCorp consumers whose credit card or bank account information may have been accessed. AMCA has not yet provided LabCorp a list of the affected LabCorp consumers or more specific information about them,” the statement added.
In a similar recent incident, a data breach at Inmediata Health Group, a healthcare billing and administrative service provider, exposed the personal and medical data of Michigan residents. The Puerto Rico-based healthcare center stated that a technical glitch in the webpage settings permitted search engines to expose internal webpages online, which contained patients’ sensitive information. According to Inmediata, the exposed data included patients’ name, addresses, social security numbers, and other personal health information.
The security officials at Inmediata halted the website temporarily and contacted a digital forensic firm to investigate the incident. The center clarified that there was no discovery of any misuse of the exposed data. The affected patients are suggested to monitor their financial accounts for any fraud transactions.
Also, a recent research report revealed that health care organizations suffered the highest number of data breaches in 2018 across any sector of the U.S. economy. According to Beazley Breach Response, a breach response management and information security insurance solutions provider, the healthcare entities have reported the highest number of data breaches, at 41 percent.
The report, dubbed as Beazley Breach Insights Report, stated that direct hacking, the presence of malware, or due to human error were the causes of data breaches in healthcare organizations. The report also revealed the percentage of breaches in other sectors of the economy. The education sector accounted for 10 percent of security issues, financial institutions reported 20 percent of incidents, and professional services represent 13 percent of cases.
The cybercriminals are attempting to extort cryptocurrency from companies or individuals claiming to have embarrassing evidence of people using adult websites at work, which are related to extortion, the report added.