Quest Diagnostics, LabCorp Data Breach Lawsuit

A data breach may have allowed hackers to access private personal and financial information of millions of lab patients. Because of this data breach, a Class Action Lawsuit has been filed against Quest Diagnostics, LabCorp and others.

Lab Patient Data Breach Lawsuit

A data breach may have allowed hackers to access private personal and financial information of millions of lab patients between August 1, 2018 and March 30, 2019. The data breach occurred at American Medical Collection Agency but may have affected up to 20 million people had overdue laboratory service bills with Quest Diagnostics, LabCorp and others. Many of these patients may be participating in a Class Action Lawsuit.

Labs with patients who may be affected by data breach include:

  • Quest Diagnostics
  • LabCorp
  • American Esoteric Laboratories
  • Arizona Dermatopathology
  • Austin Pathology Associates
  • BioReference (a subsidiary of OPKO Health)
  • CareCentrix
  • CBLPath
  • Clinical Pathology Laboratories
  • CompuNet Clinical Laboratories
  • Conduent
  • Inform Diagnostics
  • Laboratory of Dermatopathology ADX
  • Natera
  • Optum 360
  • Penobscot Community Health Center
  • Seacoast Pathology
  • South Texas Dermatopathology
  • Sunrise Medical/Sunrise Laboratories

Patients whose laboratory accounts were not past-due and were not in collections with AMCA are not affected by the laboratory patient data breach.

What was exposed?

Up to 20 million lab patients whose bills for laboratory services were past due and being processed by AMCA, may have been exposed to identity theft, fraud and placed at financial risk. Many of these people have already received letters and may be considering lawsuits to compensate them for financial risks that have occurred.

Information that may have been obtained by hackers includes:

  • Name, Address
  • Birth dates
  • Social security numbers
  • Financial information (credit cards and bank account)
  • Medical information
  • Other personal information

The data breach occurred at American Medical Collection Agency (AMCA) and not at LabCorp, Quest Diagnostics or other locations. The data breach involved information of people whose laboratory service accounts were in arrears or past due. Many patients whose data was exposed have already received letters from AMCA or their laboratory service company.

People who had laboratory services provided by one of the named labs but were not in arrears, were not placed at risk.

AMCA Data Breach Claims

Quest, LabCorp, and other labs had the duty to keep patient information safe and secure but failed in that duty.

The Quest Diagnostics, LabCorp Class Action data breach lawsuits claim that the company failed to properly safeguard consumers’ information which allowed hackers to access its systems for eight months. If the company had properly safeguarded accounting and computer systems, the breach would not have occurred and if systems had been properly monitored, the breach would have been discovered much sooner.

The data breach lawsuits claim specifically that Quest Diagnostics, LabCorp or other lab companies failed to:

  • Construct and maintain appropriate data security systems to prevent intrusion, data breach and cyberattack
  • Adequately monitor data security systems for intrusion, data breach and cyber attack
  • Ensure that contractors or vendors used appropriate security measures to prevent breaches
  • Ensure that confidentiality, privacy and integrity of electronic protected health information that was created, maintained and distributed among vendors remained safe, private and secure

Data Breach Lawsuit Compensation

Patients whose accounts for laboratory services were in collection may have been exposed to financial losses due to identity theft, fraud or other financial issues and may have been required to spend time or costly resources to recover losses. If successful, data breach lawsuits may help provide compensation for those losses.

Data breach class actions generally seek to recover costs including:

  • Compensation for losses suffered caused by identity theft and fraud
  • Reimbursement of credit monitoring fees, reporting fees and costs of credit freezes
  • Financial compensation for lost personal or work time spent responding to problems caused by the breach
  • Free credit monitoring
  • Free identity theft insurance

In some cases, class action lawsuits also require companies to make improvements in their systems to prevent future breach or data failure.

People who received a letter notifying them that their data may have been compromised or those who had a past due LabCorp, Quest Diagnostics or other laboratory service account in collection with AMCA between August 2018 and March 2019, should seek legal assistance.  You may be eligible for compensation through a Class Action Lawsuit.


Since its establishment in 1999, Seeger Weiss has led some of the most complex and high-profile litigations in the U.S.