News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Billing Details for 11.9M Quest Diagnostics Clients Exposed

    Posted on Nibbled To Death By Ducks Comment on the AskWoody Lounge

    Home Forums Code Red – Security/Privacy advisories Billing Details for 11.9M Quest Diagnostics Clients Exposed

    This topic contains 6 replies, has 5 voices, and was last updated by  Paul T 4 months, 1 week ago.

    • Author
      Posts
    • #1776372 Reply

      How many here have sallied into Quest for their routine yearly physical workup panel? Here we go:

      https://www.bleepingcomputer.com/news/security/billing-details-for-119m-quest-diagnostics-clients-exposed/

      That’s 11.9 MILLION.

      Gosh, I wonder if we’ll all get a year’s worth of credit monitoring as restitution? (^%$#!!!)

      Feds, get with it and start fining these boneheads, every time, big time!

      “UPDATE: American Medical Collection Agency (AMCA), a billing collections service provider, has informed Quest Diagnostics that an unauthorized user had access to AMCA’s system containing personal information AMCA received from various entities, including from Quest. AMCA provides billing collections services to Optum360, which in turn is a Quest contractor. Quest and Optum360 are working with forensic experts to investigate the matter.”

      “From various entities”?? Man, that’s a phrase you could throw a semi through! Haven’t reached bottom on this one!

      Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Wait for the all-clear", Multiple Air-Gapped backup drives in different locations, "Don't check for updates-Full Manual Mode."
      --
      "...All the people, all the time..." (Peter Ustinov ad-lib from "Logan's Run")

      2 users thanked author for this post.
    • #1777750 Reply

      OscarCP
      AskWoody Plus

      I am one of those that pay regular visits to a Quest place nearby to have a couple of tests to monitor the effect of a medication I have been taking for many years, and for a panel of tests before my annual physical. I’m not sure of the implications of being one of those 11.9 million: I do not suffer from a mental illness, problematic addictions, or the sort of conditions one is like to feel ashamed of and prefers that not be widely known. I imagine this is a real problem for those who have one of those conditions just enumerated. Having criminals in possession of their medical information could open them to extortion, for example. For my part, I suspect that have little to worry about. Or maybe this is just a situation when ignorance is bliss.

      Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W(?) + Mac&Lx

    • #1781247 Reply

      Alex5723
      AskWoody Plus

      I suspect that have little to worry about.

      If you don’t worry about identity theft (financial information such as bank account data, credit card numbers, Social Security Numbers..were stolen) I wonder what do you worry about ?

      • This reply was modified 4 months, 2 weeks ago by  Alex5723.
      • #1790746 Reply

        OscarCP
        AskWoody Plus

        “Quest” has none of that sensitive personal information from me, only my doctor’s name and address, my insurer’s name, my account number with the insurer’s company (Medicare) and my land-line phone number, not my cellphone’s. In any case, my SSN is known, by now, to everyone and their dog all over this planet and, most likely, parts beyond as well. As is the case with everyone’s SSN.

        Now, if the ones stealing the data have ways to use my information, garnered with this breach, to track me and find other highly sensitive information, such as bank accounts, about me, information already released by other breaches, of which there are quite a few by now at the millions-of-people-affected level, then I am not going to worry for myself until something demonstrably bad happens to me because of that. Life is just too short to worry about things one cannot do anything about. Which, by the way, is the basic Stoic philosophy, one that I thoroughly approve of and whose teachings I endevour to follow. Saves, time, trouble and unnecessary bother, most of the time.

        This, of course, does not mean that I disagree with NTDBD, when he writes:

        ” Feds, get with it and start fining these boneheads, every time, big time! ” To which I would add: Or whomever it is that has to be fired. Or fined. Or jailed. Or fined and jailed.

        Windows 7 Professional, SP1, x64 Group B & macOS + Linux (Mint) => Win7 Group W(?) + Mac&Lx

        1 user thanked author for this post.
    • #1794925 Reply

      UPDATE:

      According to The Register and others, the finger is being pointed at American Medical Collection Agency (AMCA) on behalf of blood-testing biz LabCorp (I knew this was going to get worse)  and medical-testing giant Quest Diagnostics.

      “AMCA did not respond to a request for comment on the matter.”

      Yeah, I’ll bet they didn’t.

      Wonder who else uses AMCA? Watch this space. Head’s up, incoming!

      https://www.theregister.co.uk/2019/06/05/labcorp_amca_hacked/

      Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", Group "Wait for the all-clear", Multiple Air-Gapped backup drives in different locations, "Don't check for updates-Full Manual Mode."
      --
      "...All the people, all the time..." (Peter Ustinov ad-lib from "Logan's Run")

    • #1799689 Reply

      Geo
      AskWoody Plus
      • #1807423 Reply

        Paul T
        AskWoody MVP

        Geo, please give us a precis before the link (as done by NTDBD above). Then we can decide if clicking the link is warranted.

        cheers, Paul

        1 user thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Billing Details for 11.9M Quest Diagnostics Clients Exposed

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.