Publications

Quest Diagnostics Discloses Data Breach that May Have Exposed the Personal Information of Nearly 12 Million Patients

June 10, 2019 Published Article
By Daniel Schneider

In a recent filing with the U.S. Securities and Exchange Commission, Quest Diagnostics disclosed that nearly 12 million patients may have had their personal and financial data exposed as a result of a breach that occurred through its billing collection vendor, American Medical Collection Agency.  On May 14, 2019, AMCA informed Quest that it identified “potential unauthorized activity” on its web payment page that allowed an “unauthorized user” to gain access to millions of social security numbers, credit card numbers, bank account information and other sensitive data between August 1, 2018 and March 30, 2019 according to the filing.

While no laboratory test results were exposed because Quest does not provide that data to AMCA, this breach sheds light on the fact that data held by medical companies is becoming an increasingly common target for cybercriminals.  Although Quest reported that it has not yet been able to verify the accuracy of the information received from AMCA since the investigation is on-going, Quest has since suspended sending any further collection requests to AMCA out of an abundance of caution.

Be Proactive: Monitor & Vet

For patients of Quest that are concerned about their own information:

  • Make a habit of monitoring bank account and credit card statements to catch any unauthorized charges. If you find any unauthorized activity, report it immediately. Many banks allow users to set up text-message alerts for every transaction over a specified amount.
  • Consider requesting a credit freeze with each of the three major consumer credit bureaus in an effort to watch if your social security number has been stolen. A credit freeze will not affect credit scores, but it will prevent credit reports from being accessed and used by cybercriminals to do such things as applying for loans in your name.

For business owners that are similarly concerned about their own stores of user and customer information, the Quest breach is a stark reminder to make sure that the proper safeguards to protect user and customer information are being implemented. Additionally, outside vendors and contractors that will have access to user data should be properly vetted to ensure that they have the appropriate security in place to protect user data.

The Quest breach is yet another in the long-line of significant data breaches that the citizens of our country have endured. Unfortunately, these breaches will continue to occur – thus obligating both businesses and consumers to guard personal information in the most effective manner possible.

Firm Highlights

News

Client Spotlight: The New Home Company’s Miek Harbur

In a recent edition,  Vanguard Magazine  highlighted the outstanding leadership of Miek Harbur, general counsel and corporate secretary to The New Home Company. Appointed as the company’s first in-house counsel at just 29 years...

News

Newmeyer Dillion’s Labor & Employment Team Fights on Behalf of California Employers

Employers embroiled in labor and employment disputes, particularly in California, are facing an increasingly uphill battle in defending themselves against allegations from employees. In recent years, states have become more employee friendly, leading companies...

News

Newmeyer Dillion Welcomes New Associates Alexandra Jernigan & Noelle Malindzak

Prominent business and real estate law firm Newmeyer Dillion is pleased to announce that Alexandra Jernigan and Noelle Malindzak have joined the firm’s Newport Beach office as associates in the Business Litigation group.

Find a Person
ABCDEFGHIJKLMNOPQRSTUVWXYZView All
View All
About the Firm