Almost 12 million Quest Diagnostics customers personal information may have been breached, Quest announced on Monday afternoon.

American Medical Collection Agency (AMCA), a billing collections service provider, has informed Quest Diagnostics that an unauthorized user had access to AMCA’s system containing personal information AMCA received from various entities, including from Quest. AMCA provides billing collections services to Optum360, which in turn is a Quest contractor. Quest and Optum360 are working with forensic experts to investigate the matter.

Quest was notified about the incident on May 14, and that might affect 11.9 million Quest patients.

"Quest is taking this matter very seriously and is committed to the privacy and security of our patients’ personal information. Since learning of the AMCA data security incident, we have suspended sending collection requests to AMCA," Quest said in a prepared statement.

AMCA believes the information includes personal information, including certain financial data, Social Security numbers and medical information (with the exclusion of laboratory test results).

AMCA has not yet provided Quest or Optum360 detailed or complete information about the AMCA data security incident, including which information of which individuals may have been affected. And Quest has not been able to verify the accuracy of the information received from AMCA.

Quest will be working with Optum360 to ensure that Quest patients are appropriately notified consistent with the law.

Recommended for you