LabCorp is the latest laboratory testing giant this week to confirm it’s affected by the same third-party data breach.
The Burlington, North Carolina-based medical giant said 7.7 million patients had their personal and financial data stolen by hackers, which hit the payment pages of the American Medical Collection Agency, a third-party vendor that processes payments for LabCorp and other companies.
The admission comes a day after Quest Diagnostics around 11.9 million patients had their data stolen.
In a filing with the Securities and Exchange Commission, LabCorp said the stolen data includes a patient’s name, date of birth, address, phone number, date of service, provider, and balance information.
“AMCA’s affected system also included credit card or bank account information that was provided by the consumer to AMCA,” said the filing. Some 200,000 patients will receive more detailed notices that their financial information was taken.
But LabCorp said no medical data or lab and diagnostic results data was taken.
Like the Quest breach, LabCorp’s data incident dated back to August 1, 2018 until March 30, 2019.
The total number of patients affected by the AMCA payments page breach stands at just shy of 20 million. Given the company provides payment and bill collection services to a broad range of businesses, we may see similar notices dropping in the near future.