Newsroom

Following news that as many as 11.9 million patients had financial and medical information exposed in a breach of a medical billing firm's web payment system, KrebsonSecurity reports that 7.7 million more were impacted.

Medical testing firm LabCorp announced that millions of its consumers – like its competitor Quest Diagnostics – had information exposed by the breach of American Medical Collection Agency's (AMCA) web payment system. The data exposed included personal information – such as names, birth dates and addresses – and financial information, including credit card numbers and bank account details.

AMCA told LabCorp it was sending notices consumers whose financial information was exposed, but LabCorp has yet to receive a list of all who were affected. AMCA reported that the breach occurred between August 2018 and March 2019.

NAFCU – a leader in calling for a national data security standard – has advocated for safeguards to ensure negligent entities are held accountable for data exposures, consumers have control over their data and are notified of breaches in a timely manner. The association believes that all entities – not just financial institutions – that handle consumer information must comply with comprehensive federal data protection standards.

The association has long been active with lawmakers on the issue of data security and was the first group after the massive 2013 Target data breach to call for a legislative solution to reform the nation's data security system.