• Billing Details for 11.9M Quest Diagnostics Clients Exposed

    Home » Forums » Cyber Security Information and Advisories » Code Red – Security/Privacy advisories » Billing Details for 11.9M Quest Diagnostics Clients Exposed

    Tags:

    Author
    Topic
    Nibbled To Death By Ducks
    AskWoody Plus
    June 4, 2019 at 12:07 am #1776372
    Options

    How many here have sallied into Quest for their routine yearly physical workup panel? Here we go:

    https://www.bleepingcomputer.com/news/security/billing-details-for-119m-quest-diagnostics-clients-exposed/

    That’s 11.9 MILLION.

    Gosh, I wonder if we’ll all get a year’s worth of credit monitoring as restitution? (^%$#!!!)

    Feds, get with it and start fining these boneheads, every time, big time!

    “UPDATE: American Medical Collection Agency (AMCA), a billing collections service provider, has informed Quest Diagnostics that an unauthorized user had access to AMCA’s system containing personal information AMCA received from various entities, including from Quest. AMCA provides billing collections services to Optum360, which in turn is a Quest contractor. Quest and Optum360 are working with forensic experts to investigate the matter.”

    “From various entities”?? Man, that’s a phrase you could throw a semi through! Haven’t reached bottom on this one!

    Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
    --
    "Nine out of 10 doctors say Acid Reflux is mainly caused by computers."

    2 users thanked author for this post.
    Elly, woody
    Reply | Quote
    Viewing 3 reply threads
    Author
    Replies
    • OscarCP
      Member
      June 4, 2019 at 1:14 am #1777750
      Options

      I am one of those that pay regular visits to a Quest place nearby to have a couple of tests to monitor the effect of a medication I have been taking for many years, and for a panel of tests before my annual physical. I’m not sure of the implications of being one of those 11.9 million: I do not suffer from a mental illness, problematic addictions, or the sort of conditions one is like to feel ashamed of and prefers that not be widely known. I imagine this is a real problem for those who have one of those conditions just enumerated. Having criminals in possession of their medical information could open them to extortion, for example. For my part, I suspect that have little to worry about. Or maybe this is just a situation when ignorance is bliss.

      Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

      MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
      Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
      macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

      Reply | Quote
    • Alex5723
      AskWoody Plus
      June 4, 2019 at 4:21 am #1781247
      Options
      OscarCP wrote:

      I suspect that have little to worry about.

      If you don’t worry about identity theft (financial information such as bank account data, credit card numbers, Social Security Numbers..were stolen) I wonder what do you worry about ?

      • This reply was modified 4 years, 6 months ago by Alex5723.
      Reply | Quote
      • OscarCP
        Member
        June 4, 2019 at 4:05 pm #1790746
        Options

        “Quest” has none of that sensitive personal information from me, only my doctor’s name and address, my insurer’s name, my account number with the insurer’s company (Medicare) and my land-line phone number, not my cellphone’s. In any case, my SSN is known, by now, to everyone and their dog all over this planet and, most likely, parts beyond as well. As is the case with everyone’s SSN.

        Now, if the ones stealing the data have ways to use my information, garnered with this breach, to track me and find other highly sensitive information, such as bank accounts, about me, information already released by other breaches, of which there are quite a few by now at the millions-of-people-affected level, then I am not going to worry for myself until something demonstrably bad happens to me because of that. Life is just too short to worry about things one cannot do anything about. Which, by the way, is the basic Stoic philosophy, one that I thoroughly approve of and whose teachings I endevour to follow. Saves, time, trouble and unnecessary bother, most of the time.

        This, of course, does not mean that I disagree with NTDBD, when he writes:

        ” Feds, get with it and start fining these boneheads, every time, big time! ” To which I would add: Or whomever it is that has to be fired. Or fined. Or jailed. Or fined and jailed.

        Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

        MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
        Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
        macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

        1 user thanked author for this post.
        wavy
        Reply | Quote
    • Nibbled To Death By Ducks
      AskWoody Plus
      June 5, 2019 at 11:19 pm #1794925
      Options

      UPDATE:

      According to The Register and others, the finger is being pointed at American Medical Collection Agency (AMCA) on behalf of blood-testing biz LabCorp (I knew this was going to get worse)  and medical-testing giant Quest Diagnostics.

      “AMCA did not respond to a request for comment on the matter.”

      Yeah, I’ll bet they didn’t.

      Wonder who else uses AMCA? Watch this space. Head’s up, incoming!

      https://www.theregister.co.uk/2019/06/05/labcorp_amca_hacked/

      Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
      --
      "Nine out of 10 doctors say Acid Reflux is mainly caused by computers."

      Reply | Quote
    • Geo
      AskWoody Plus
      June 6, 2019 at 11:57 am #1799689
      Options
      Reply | Quote
      • Paul T
        AskWoody MVP
        June 7, 2019 at 5:39 am #1807423
        Options

        Geo, please give us a precis before the link (as done by NTDBD above). Then we can decide if clicking the link is warranted.

        cheers, Paul

        1 user thanked author for this post.
        access-mdb
        Reply | Quote
    Viewing 3 reply threads
    Reply To: Billing Details for 11.9M Quest Diagnostics Clients Exposed

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • How to use the Forums
  • All Forums

    • Recent Topics

    December 2023
    S M T W T F S
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    31  

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2023 by AskWoody Tech LLC. All Rights Reserved.