Hackers Breach Networks of One of the Largest Medical Collection Agencies in the U.S.
The American Medical Collection Agency (AMCA) collects delinquent funds from patients of major health corporations like Quest Diagnostics, LabCorp, BioReference Laboratories and more. As part of their collection efforts, the company houses patient files for millions of U.S. patients. Unfortunately, their networks were breached from August 2018 to March 2019. Throughout those eight months, hackers had access to patient personal, medical and financial data.
AMCA has yet to confirm they have notified the impacted patients. Alternatively, company officials are urging those who “may be affected” to monitor their credit. They may do so by pulling a free credit report, freezing their credit, or putting fraud alerts on their credit files.
More Breaches
Although the AMCA breach impacted millions, it was not the only breach to make news over the last few days.
Graceland University confirmed their systems were breached throughout the month of April. As a result, personal information of employees may have been accessed without proper authorization. The exact number of files impacted is unclear at this time.
Oregon State University confirmed 636 student and staff records were breached. After investigating the issue further forensic analysts were able to confirm the email addresses of those 636 individuals were used to send phishing emails.
Missouri Southern State University also fell victim to a data breach, which they believe was initiated as a result of a phishing email that was opened in early January. The number of staff and/or student files impacted is unknown, as the breach went unrecognized until May.
Lastly, U.S. Customs and Border Protection (CBP) also fell victim to a data breach. According to reports, the information accessed was images of individuals and license plates. Approximately 100,000 individuals have been impacted as a result of the breach; however, it is not believed these individuals have been notified. CBP has confirmed the breach impacted only one specific point of entry into the U.S., but will not state which.