SoylentNews is people
SoylentNews
Submitted via IRC for SoyCow4463
A security breach at a billing company has resulted in nearly 20 million patients of LabCorp and Quest Diagnostics getting their information stolen from them. The breach was first disclosed Monday by Quest Diagnostics, which reported in a Securities and Exchange Commission filing that a breach at third-party collections vendor American Medical Collection Agency (AMCA) compromised 11.9 million customers. Today, LabCorp indicated that 7.7 million of its patients were also affected by the AMCA breach.
The attack targeted at AMCA's website is just the latest in a series of breaches that have managed to skim personal information from major companies. Similar attacks hit British Airways, Ticketmaster and Newegg late last year.
Source: https://www.engadget.com/2019/06/05/quest-diagnostics-labcorp-amca-data-breach/
Previously: Billing Details for 11.9M Quest Diagnostics Clients Exposed
(Score: 4, Interesting) by NotSanguine on Thursday June 13 2019, @06:56PM (2 children)
I'm not defending them, but it wasn't Quest or LabCorp whose systems were breached.
It was a third-party debt collector's systems that were ransacked. Why does that matter? There are a several reasons:
1. Debt collectors generally buy outstanding "debts" (quotes because sometimes it's not really money that's owed, the "debtors" are just being harassed) for pennies on the dollar. As such, they have no relationship with the folks being pursued and little motivation to protect such data.
2. While (in the US at least) health care providers and insurers are liable to both civil and criminal action (under HIPAA [wikipedia.org]) for data breaches, third parties such as AMCA [amcaonline.com] are not.
3. Given points (1) and (2), companies like LabCorp and Quest can claim that they bear no responsibility for such issues, despite the fact that the "collections" agency [krebsonsecurity.com] involved "...also does business under the name “Retrieval-Masters Credit Bureau,” a company that has been in business since 1977. Retrieval-Masters also has an atrocious reputation for allegedly harassing consumers for debts they never owed." Since they knew (or should have known) the unethical history of this company, they increase their scumbag score significantly.
As such, no one has clean hands here. But just heaping scorn on Quest and LabCorp isn't enough, IMHO. Special venom should be reserved for AMCA and the lack of effective regulation around "debt" collections.
Don't give AMCA a pass here, they were the proximate cause of *multiple* data breaches and are even bigger (if that's possible) scumbags than Quest or LabCorp.
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 2) by digitalaudiorock on Thursday June 13 2019, @10:15PM (1 child)
Backing up from this 1000 miles, I tend to reserve most all my venom for all those managing to brainwash the American public into believing that a single payer system isn't clearly the way to go. That is a sane system where there is no fucking "debt" to "collect".
(Score: 3, Interesting) by NotSanguine on Thursday June 13 2019, @10:25PM
I couldn't agree more. Well, I guess if I took some molly [wikipedia.org] it might increase my levels of empathy and then I could. But in the absence of chemical enhancement, I'll do what I can.
That said, I was struck by all the hate on Quest and LabCorp in this discussion and wanted to throw some light on the culprit *in this case*. Note that I'm not letting anyone off the hook, just pointing out something that had been ignored in the comments.
Because as much as you and I (and many others [kff.org]) would like to see single-payer, that's not what we have now.
No, no, you're not thinking; you're just being logical. --Niels Bohr