Quest Diagnostics says nearly 12 million people could have been affected by a data breach that includes their personal information, certain financial data, Social Security numbers and medical information.
According to the company, American Medical Collection Agency informed Quest that an unauthorized user had access to AMCA's system containing personal information they received from various entities, including Quest.
AMCA provides billing collection services to Optum360, which is a Quest contractor.
According to Quest, AMCA first notified them May 14 of potential unauthorized activity on the AMCA web payment page, and on May 31, they notified them that the data included information on about 11.9 million Quest patients.
AMCA has not yet given detailed or complete information about the data breach to Quest or Optum360, the company said, including which information of which individuals may have been affected. Quest has not also been able to verify the accuracy of information received from AMCA, they said.
"Quest is taking this matter very seriously and is committed to the privacy and security of our patients’ personal information. Since learning of the AMCA data security incident, we have suspended sending collection requests to AMCA," the company said.