LabCorp Breach Exposes 7.7 Mil Consumers’ PII, Health And Payment Info

By   ISBuzz Team
Writer , Information Security Buzz | Jun 06, 2019 01:55 pm PST

LabCorp has disclosed that 7.7 million customers may have been impacted by a data breach of a third party billing provider which exposed PII, payment data and PHI.  

Experts Comments: 

George Wrenn, Founder and CEO at CyberSaint Security:

George Wrenn“Due to the interconnectedness of modern business, I will be surprised if we do not soon learn about other companies affected by this breach. Especially with our third parties, managing, tracking, and protecting the data that flows to and from our third parties is critical to cybersecurity resilience and a foundation of privacy best practices. Organizations have a duty to ensure that third parties are guarding their patients’ personally identifiable information, and this event is certainly evidence of its importance. The prevalence of third-party breaches, as well as the severity, is only increasing as digitization takes over modern business. Organizations must be responsible for tracking their third parties, knowing the real-time status of their cybersecurity, data protection, and privacy postures, and identifying their risk tolerance using this information to request remediation activities and make the most informed partnership decisions possible.” 

Mounir Hahad, Head at Juniper Threat Labs at Juniper Networks:

isbuzz expert 1 1“It is expected that any organization that uses AMCA for collections would be impacted by this breach. It is telling that AMCA’s main web site does not enforce encryption like most web sites do, and when you manually switch to HTTPS to try to secure the connection, it presents you with the wrong certificate for another web site called, which also happens to have expired a year ago.”