Two of the country’s largest lab providers, LabCorp and Quest Diagnostics, discovered a data breach that occurred at a third-party vendor they both use for billing and collections. This data breach occurred between August 1, 2018 and March 30, 2019. Both LabCorp and Quest have both stated that the breach is limited to members who were referred to a third-party debt collection vendor due to unpaid bills.
The labs are unable to inform affected payors regarding which or how many of their members were impacted by the data breach. If any of your members were affected, they will receive or may have already received notification letters from LabCorp and/or Quest Diagnostics outlining what they can do to protect their identity.
According to the information we received from the labs, the breach included identification and contact information such as name, date of birth, address, and phone number; and payment information such as bank account number, payor information, and diagnosis codes. Credit card information and test results were not included in the breach.
We are not aware of any misuse of patient information related to this incident.