Over 20M Patients Affected In Massive AMCA Medical Data Breach, Attorney General Frosh Warns Marylanders

BALTIMORE (WJZ) — Maryland Attorney General Brian E. Frosh warns Marylanders their medical and other private information may have been compromised by a cyberattack against American Medical Collection Agency, a third party collection agency for laboratories, hospitals, physician groups, medical providers and others.

The known list of those impacted affects over 20 million patients. It includes:

Quest Diagnostics: 11.9 million patients
LabCorp: 7.7 million patients
BioReference Laboratories: 422,600 patients
Carecentrix: 500,000 patients
Sunrise Laboratories: unknown number of patients

The compromised information varies for each, but includes some or all of the following:

Patient Name
Date of Birth
Address
Phone Number
Date of Service
Provider
Balance Information
Payment Card Information
Bank Account Information
Social Security Number
Lab Test Performed

AMCA's payment system was compromised on August 1, 2018, according to the release, and remained vulnerable through March 30, 2019.

AMCA has begun to send out written notices to consumers whose credit card number, social security number or lab test order information may have been accessed.

Maryland Attorney General Frosh warns consumers to carefully review their financial and medical accounts regularly for suspicious activity and immediately report all suspicious or fraudulent charges to their financial institutions or health insurance providers.

"Massive data breaches like the one experienced by the AMCA are extremely alarming, especially considering the likelihood that personal, financial, and medical information may now be in the hands of thieves and scammers," said Attorney General Frosh. "I strongly urge consumers to take steps to ensure that their information and personal identity is protected."

Customers who believe they may have been affected should immediately take these steps to protect their information, he says:

Obtain a free credit report at www.annualcreditreport.com or by calling 877-322-8228.
Put a fraud alert on your credit file.
Consider a security freeze on your credit file (for more information about freezes, visit http://www.marylandattorneygeneral.gov/Pages/IdentityTheft/freezing.aspx).
Take advantage of any free services being offered as a result of the breach.
Use two-factor authentication on your online accounts whenever available.

Featured Local Savings

More from CBS News

Baltimore City claims 'negligence' in lawsuit against the Dali, the ship that caused Key Bridge collapse

Baltimore Ravens, Under Armour partner with Baltimore City, other school districts for girls' flag football programs

Maryland act to increase healthcare access for immigrants awaits governor's signature

22-year-old man stabbed near Rash Field by Inner Harbor