Stories
Slash Boxes
Comments

SoylentNews is people

19 Million Patient Records Stolen from Quest Diagnostics and LabCorp

posted by Fnord666 on Thursday June 13 2019, @01:19PM   Printer-friendly
from the another-day-another-hack dept.

MrPlow writes:

Submitted via IRC for SoyCow4463

A security breach at a billing company has resulted in nearly 20 million patients of LabCorp and Quest Diagnostics getting their information stolen from them. The breach was first disclosed Monday by Quest Diagnostics, which reported in a Securities and Exchange Commission filing that a breach at third-party collections vendor American Medical Collection Agency (AMCA) compromised 11.9 million customers. Today, LabCorp indicated that 7.7 million of its patients were also affected by the AMCA breach.

The attack targeted at AMCA's website is just the latest in a series of breaches that have managed to skim personal information from major companies. Similar attacks hit British Airways, Ticketmaster and Newegg late last year.

Source: https://www.engadget.com/2019/06/05/quest-diagnostics-labcorp-amca-data-breach/

Previously: Billing Details for 11.9M Quest Diagnostics Clients Exposed

Original Submission

 
This discussion has been archived. No new comments can be posted.
19 Million Patient Records Stolen from Quest Diagnostics and LabCorp | Log In/Create an Account | Top | 14 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Insightful) by SemperOSS on Thursday June 13 2019, @02:12PM (2 children)

    by SemperOSS (5072) on Thursday June 13 2019, @02:12PM (#855143)

    As a software architect who mostly work directly for public services and for their suppliers, I find it very difficult to get developers to take security seriously beyond token measures to cover the bare minimum. Trying to get people higher up in the hierarchy to take action is probably even more difficult as their bonus targets are cost and delivery time, both of which could be affected negatively by doing security right — at least in their books. As long as that is the case and as long as specific security measures are not baked in to the tenders and contracts, this is not going to change.


    --
    I don't need a signature to draw attention to myself.
    Maybe I should add a sarcasm warning now and again?
    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 1, Insightful) by Anonymous Coward on Thursday June 13 2019, @05:17PM

    by Anonymous Coward on Thursday June 13 2019, @05:17PM (#855203)

    As a software architect who mostly work directly for public services and for their suppliers, I find it very difficult to get developers to take security seriously beyond token measures to cover the bare minimum.

    It seems that the most direct way to solve this long term is to make it far more expensive for them when the inevitable data breach occurs than it would have been to get their product out the door at minimum cost and on time delivery; make them pay huge exorbitant fines and possible jail time to boot and then they will start to take security issues seriously. While the stick is rather a brute force method to get them to do the right thing, I don't see much of any carrot to offer instead.

  • (Score: 0) by Anonymous Coward on Thursday June 13 2019, @06:02PM

    by Anonymous Coward on Thursday June 13 2019, @06:02PM (#855225)

    those aren't "developers" those are windows and mac users.