Data breach at LabCorp; more than seven million affected users

A new data breach incident in a clinical analysis company has been reported by website security service experts just one day after the Quest Diagnostics company data breach was confirmed.

On this occasion, company LabCorp submitted a notification to the Securities and Exchange Commission reporting that around 7.7 million of the company’s customers would be affected by a data breach at American Medical Collection Agency (AMCA).

The document presented to the SEC details that the incident occurred between August 1st, 2018 and March 30, 2019, time lapse during which hackers were able to access information such as names, addresses, and dates of birth and account statements of the company’s customers.

According to website security service specialists, AMCA also protected information from LabCorp customers’ payment cards, although the results of the users’ clinical analyses were not exposed during this incident. In the same way, the Social Security numbers and insurance details are safe from the incident.

“For LabCorp, information security is a really serious matter. We will continue to monitor our systems for any suspicious activity, and we also offer the affected users credit monitoring services and identity fraud protection”, mentions a company statement.

On the other hand, AMCA issued a statement informing that the company is investigating a data security incident arising from the intrusion of an unauthorized user into their systems.

In the statement, AMCA claims that its payment website was disabled after receiving a data breach report by an information security compliance firm working with credit card companies; the company requested AMCA to perform a series of internal security tests.

According to specialists in website security service specialists from the International Institute of Cyber Security (IICS), AMCA decided to hire an external firm to investigate the incident of data breach, in addition, the company migrated all its payment services to a third party platform. AMCA has also expressed its willingness to cooperate with the authorities in investigating this security breach.