Share this article on:
Three more healthcare organizations have announced they have been affected by the data breach at American Medical Collection Agency (AMCA): West Hills Hospital & Medical Center in California, Inform Diagnostics, and CompuNet Clinical Laboratories.
The AMCA data breach was first announced more than two months ago. Most of the companies impacted by the breach were notified by AMCA in May/June that some of their patients’ data had potentially been compromised, but it has taken several weeks for those companies to be provided with sufficient information to make announcements and sent notification letters.
The breach at AMCA occurred between August 1, 2018 and March 30, 2019. During that period, an unauthorized individual had access to a web payment page, through which it was possible to obtain personal and financial information. Affected individuals had had their information passed to AMCA to collect outstanding bills for medical services.
The latest announcements bring the total number of companies known to have been affected to 21. It is not yet known how many patients of West Hills Hospital and Medical Center have been affected, but as it stands, the total victim count is at least 24,390,307. It may take several weeks before the final victim count is known and all of those individuals receive their breach notification letters.
West Hills Hospital and Medical Center
West Hills Hospital and Medical Center in West Hills, CA, uses a company called United WestLabs (UWL)to manage its reference laboratory. United WestLabs was informed by AMCA on June 12, 2019, that it had been impacted by the breach. Affected patients had their name, address, patient account number, amount owed, and service dates compromised. Some patients also had their credit or debit card number exposed.
AMCA has sent breach notification letters to all individuals whose financial information was exposed. All other affected West Hills patients are being notified by the hospital. West Hills Hospital and United WestLabs have now stopped using AMCA’s services.
Inform Diagnostics is an Irving, TX-based provider of pathology laboratory services. On June 30, 2019, the company was notified by AMCA’s holding company, Retrieval Masters Creditors Bureau, that personal and payment information had been accessed by a hacker. That information included first and last names, banking information, credit/debit card numbers, Social Security numbers, service dates, and names or referring physicians. 173,690 Inform Diagnostics patients are known to have been affected.
CompuNet Clinical Laboratories
Dayton, OH-based laboratory service provider CompuNet Clinical Laboratories was notified by AMCA on June 5, 2019 that the company had been affected by the breach.
The data exposed included names, dates of birth, service dates, medical service provider names, names of referring physicians, health insurance information, and other medical information. A subset of patients also had their Social Security number, credit/debit card number, and/or financial information exposed. Approximately 111,000 patients are known to have been affected.
Companies Known to Have Been Affected by the AMCA Data Breach
|Healthcare Organization||Records Exposed|
|Clinical Pathology Associates||2,200,000|
|American Esoteric Laboratories||541,900|
|Sunrise Medical Laboratories||427,000|
|BioReference Laboratories/Opko Health||422,600|
|Laboratory Medicine Consultants||147,600|
|CompuNet Clinical Laboratories||111,000|
|Austin Pathology Associates||46,500|
|South Texas Dermatopathology PLLC||16,100|
|Penobscot Community Health Center||13,000|
|Seacoast Pathology, Inc||10,000|
|Western Pathology Consultants||4,550|
|Laboratory of Dermatology ADX, LLC||4,240|
|West Hills Hospital and Medical Center / United WestLabs||Unknown|