LabCorp announced that 7.7 million patients had their personal and financial data stolen by hackers, reports TechCrunch. The LabCorp data breach comes from the same hacking incident as the Quest data breach announced in late May 2019.
Details about the LabCorp Data Breach
As with the Quest data breach lawsuit our law firm is investigating, the LabCorp data breach occurred when hackers gained unauthorized access to LabCorp’s payment and collections vendor, American Medical Collection Agency (AMCA), according to cybersecurity researcher Brian Krebs.
In an SEC filing, LabCorp wrote, according to Krebs, that:
LabCorp said it learned that the breach at AMCA persisted between Aug. 1, 2018 and March 30, 2019. It said the information exposed could include first and last name, date of birth, address, phone, date of service, provider, and balance information [and] credit card or bank account information that was provided by the consumer to AMCA (for those who sought to pay their balance).
According to LabCorp, AMCA is “in the process” of sending notices to 200,000 LabCorp customers that their credit or debit card information was stolen. It’s not clear at this time whether any notices have actually been sent. LabCorp says that it doesn’t yet have a list of its affected customers, but AMCA presumably has that information.
American Medical Collection Agency's role in the data breach
According to Brian Krebs, American Medical Collection Agency — the entity that was hacked — also does business under the name “Retrieval-Masters Credit Bureau.” Krebs says, “Retrieval-Masters also has an atrocious reputation for allegedly harassing consumers for debts they never owed.” Retrieval-Masters has nearly 700 complaints filed against it by consumers and an “F” rating with the Better Business Bureau (BBB), according to Krebs.
It’s not clear at this time whether Retrieval-Masters and American Medical Collection Agency utilized the same online system that was breached, but their websites and payment portal look very similar.
Get tests done with LabCorp?
You may be breached. Contact us to learn more.
Our Data Breach Lawsuit Experience
Our attorneys recently won two prestigious awards for our work in data breach lawsuits. Eric Gibbs received a 2018 “MVP” award and 2019 CLAY award (“California Attorney: Lawyer of the Year”) for his work successfully representing data breach victims.
Our attorneys served in a court-appointed leadership role in the Anthem data breach class action, and helped achieve a $115 million settlement for victims of the Anthem data breach. The settlement received final approval from the court in August 2018.
We’ve also achieved landmark results in our past data breach cases, including the Adobe data breach litigation, UCSF data breach lawsuit, and Health Net of California data breach litigation.