Tags: quest diagnostics | data breach | vendors | cybersecurity

Quest Diagnostics Data Breach Highlights Vendor Vulnerability

Quest Diagnostics Data Breach Highlights Vendor Vulnerability
(Piotr Trojanowski/Dreamstime.com)

By
Tuesday, 04 June 2019 12:35 PM Current | Bio | Archive

Quest Diagnostics, a leading American clinical laboratory company, announced today that 11.9 million patients may have been compromised in a vendor-related incident.

A statement released by Quest revealed that an “unauthorized user” had gained access to a system used by American Medical Collection Agency (AMCA), a billing vendor subcontracted by a Quest contractor called Optum360. Patient Social Security numbers and medical records were potentially compromised. Lab results were not compromised, according to the statement.

On a scale from 1 to 10, this news should elicit a full body wince. Health services rely on a rich ecosystem of interconnected businesses, and there is a vendor “food chain” of sorts. The old truism that you’re only as good as the vendors you choose is made more complex in a vendor-rich environment, because you may be affected by your vendor’s vendor. We have reached the point in our collective cyber insecurity that vendor vetting should extend to, or prohibit, unsupervised and/or undisclosed subcontracts.

News that Quest potentially exposed extremely sensitive PHI (Protected Health Information) as well as the financial information of 12 million patients was the result of a vendor mistake, and that should be met with serious alarm. It was caused by an organization in Quest’s vendor food chain, but it means there is something desperately wrong with the way big business views the perils of big data in general.

Call it vendor vulnerability. Call it an avoidable cyber-fail. But don’t say it isn’t serious. The revelation that specific lab tests may not have been exposed is cold comfort to those who now have a higher likelihood of suffering some sort of identity fraud incident.

Adam K. Levin is a consumer advocate with more than 30 years of experience and is a nationally recognized expert on cybersecurity, privacy, identity theft, fraud, and personal finance. A former Director of the New Jersey Division of Consumer Affairs, Mr. Levin is Chairman and founder of CyberScout and co-founder of Credit.com. Adam Levin is the author of Amazon.com Best Seller "Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves." He is the security and credit expert for ABCNews.com and writes a weekly column for The Huffington Post, Inc. Magazine, The Hill, and Newsmax. Mr. Levin is a go-to expert appearing on many national TV programs including "The Today Show," "Good Morning America," "MSNBC Live," "Fox and Friends," "NBC Nightly News," "ABC World News Tonight," "Cavuto Coast to Coast," "Bloomberg Surveillance," as well as radio nationally. Read more of his reports — Go Here Now.

© 2019 Newsmax. All rights reserved.

   
1Like our page
2Share
AdamLevin
Quest Diagnostics, a leading American clinical laboratory company, announced today that 11.9 million patients may have been compromised in a vendor-related incident.
quest diagnostics, data breach, vendors, cybersecurity
423
2019-35-04
Tuesday, 04 June 2019 12:35 PM
Newsmax Media, Inc.
 

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

NEWSMAX.COM
America's News Page
© Newsmax Media, Inc.
All Rights Reserved