Skip to content Skip to navigation

Exposing Private Information

Rows of Samples with Blue-Gloved Hand

Quest Diagnostics calls itself “the world’s leading provider of diagnostic information services.” LabCorp is also a global laboratory offering diagnostic services. Quest uses Optum360, LLC for billing collections, and both Optum and LabCorp use AMCA for collections. This means that when AMCA suffered an extended data breach, medical and personally identifying information (PII) for millions of people was exposed.

Cover of an Issue of Kiplinger's Personal Finance

Michigan’s Preservation of Personal PrivacyAct (PPPA), before its amendment on July 31, 2016, prohibited companies from sharing Personal Reading Information from the subscribers and purchasers of their publications. The complaint for this class action alleges that the Kiplinger Washington Editors, Inc. at that time shared subscriber information with third parties in violation of the law. 

Keyboard, Stethoscope, and Medical Records

How would you feel if an invoice for your medical services was sent by the processor, in an unsecured e-mail, to a friend of yours? This seems like an odd and inexplicable event. Still, the complaint for this class action alleges that Square, Inc. sent the private information of the plaintiff in this case to a friend of his, violating his privacy and failing to keep his payment and personal information confidential.

LabCorp Building

Recently, a number of data breaches have occurred at places that store personal medical information. This case brings suit against Laboratory Corporation of America and its parent company, Laboratory Corporation of America Holdings, both of which go by the name of LabCorp. However, the data breach did not involve LabCorp’s systems but those of its debt collector, which is not named as a defendant in this case.

Cover of an Issue of Hot Rod Magazine

Michigan’s Preservation of Personal Privacy Act (PPPA) prohibits the selling of magazine subscriber information to third parties. This complaint claims that TEN: Publishing Media, LLC nevertheless violated this law by selling the information of subscribers to Hot Rod magazine and other publications.

Gloved Hand Holding Test Tube with Rows of Test Tubes in Background

When a company selects and hires other companies to provide services, such as debt collection, is it responsible for the care they take with sensitive information? The complaint for this class action names Quest Diagnostics Incorporated as a defendant, as well as its vendors Optum360, LLC and American Medical Collection Agency, in a class action that concerns a data breach at American Medical.

This class action is one of several against First American Financial Corporation (FAFC) for a possible data exposure in its systems. Shockingly, the exposure was not caused by hackers or identity thieves; it was the company’s own poor data protection that made available some 885 million documents to anyone with access to a single file.

First American Financial Corporation Sign on Brick Wall

This is the second class, after one filed in the previous week, about the massive data exposure involving one of the most widely-used title insurance and real estate closing companies. The complaint alleges that First American Financial Corporation and First American Title Company allowed some 885 million documents to be available on its website with no password or authentication required. (First American Title is a subsidiary of First American Financial Corporation.) 

Quest Diagnostics Name and Logo on Building

Quest Diagnostics Incorporated is one of the leading medical laboratory services company in the country. But it subcontracted collection work to a company called Optum360, LLC, which in turn subcontracted work to Retrieval-Masters Creditors Bureau, Inc. (RMCB). The result?  The personal information of Quest customers was exposed in a data breach at a company they had never given their information to.

Washington State University Buildings

In 2017, Washington State University (WSU) found that a hard drive with a backup of its Social & Economic Sciences Research Center server had been stolen from a self-storage. WSU is now settling a class action stemming from that theft. The complaint alleged that WSU had not adequately protected the information which included personal data for over a million individuals.

Pages