Recent healthcare data hacks have impacted almost 20 million people — and some members of Congress are demanding answers.
New York-based American Medical Collection Agency has been named as the victim in a large healthcare data breach, with Laboratory Corporation of America Holdings (LabCorp) revealing that 7.7 million patients’ accounts at AMCA were stored in the affected computer system. In addition, Quest Diagnostics Inc. said that 11.9 million people were exposed in the AMCA breach.
The exposed data includes names, dates of birth, addresses, financial and other personal information. While LabCorp didn’t provide AMCA with any ordered test, diagnostic information or test results, Quest admitted that the hack may have included unspecified medical information, but not test results.
As a result of the news, New Jersey Democrats Bob Menendez and Cory Booker, as well as Mark Warner, a Virginia Democrat, wrote Quest on Wednesday (June 5) asking for more information about the breach.
“I am concerned about your supply chain management, and your third party selection and monitoring process,” Warner said in the letter to Quest Chief Executive Officer Stephen Rusckowski, according to Bloomberg.
In a separate letter, Menendez and Booker demanded that Quest provide a detailed timeline of the breach and the company’s reaction, including the steps it has taken to limit any additional harm to patients.
AMCA’s website boasts that the company sends out 1.4 million letters each month, and has worked with at least 25 million people. The firm said that it’s investigating the breach and has informed law enforcement. It added that it cannot disclose the names of companies affected “due to client confidentiality concerns.”
“It is expected that any organization that uses AMCA for collections would be impacted by this breach,” Mounir Hahad, head of Juniper Threat Labs at Juniper Networks, a computer security firm, said in an email.