Skip to content Skip to navigation

Exposure to cyber crime

Rows of Samples with Blue-Gloved Hand

Quest Diagnostics calls itself “the world’s leading provider of diagnostic information services.” LabCorp is also a global laboratory offering diagnostic services. Quest uses Optum360, LLC for billing collections, and both Optum and LabCorp use AMCA for collections. This means that when AMCA suffered an extended data breach, medical and personally identifying information (PII) for millions of people was exposed.

LabCorp Building

Recently, a number of data breaches have occurred at places that store personal medical information. This case brings suit against Laboratory Corporation of America and its parent company, Laboratory Corporation of America Holdings, both of which go by the name of LabCorp. However, the data breach did not involve LabCorp’s systems but those of its debt collector, which is not named as a defendant in this case.

Gloved Hand Holding Test Tube with Rows of Test Tubes in Background

When a company selects and hires other companies to provide services, such as debt collection, is it responsible for the care they take with sensitive information? The complaint for this class action names Quest Diagnostics Incorporated as a defendant, as well as its vendors Optum360, LLC and American Medical Collection Agency, in a class action that concerns a data breach at American Medical.

This class action is one of several against First American Financial Corporation (FAFC) for a possible data exposure in its systems. Shockingly, the exposure was not caused by hackers or identity thieves; it was the company’s own poor data protection that made available some 885 million documents to anyone with access to a single file.

First American Financial Corporation Sign on Brick Wall

This is the second class, after one filed in the previous week, about the massive data exposure involving one of the most widely-used title insurance and real estate closing companies. The complaint alleges that First American Financial Corporation and First American Title Company allowed some 885 million documents to be available on its website with no password or authentication required. (First American Title is a subsidiary of First American Financial Corporation.) 

Quest Diagnostics Name and Logo on Building

Quest Diagnostics Incorporated is one of the leading medical laboratory services company in the country. But it subcontracted collection work to a company called Optum360, LLC, which in turn subcontracted work to Retrieval-Masters Creditors Bureau, Inc. (RMCB). The result?  The personal information of Quest customers was exposed in a data breach at a company they had never given their information to.

Washington State University Buildings

In 2017, Washington State University (WSU) found that a hard drive with a backup of its Social & Economic Sciences Research Center server had been stolen from a self-storage. WSU is now settling a class action stemming from that theft. The complaint alleged that WSU had not adequately protected the information which included personal data for over a million individuals.

Sign for First Financial on Brick Wall with Eagle Logo

Should companies delete the private information of customers after a certain period? The complaint for this class action says that First American Financial Corporation (FAFC) “expressly promises it will maintain appropriate facilities and systems to protect against unauthorized access to” its customers’ information. Still, it suffered a breach that exposed “approximately 885 million records” relating to sixteen years of mortgage transactions.

Image of Hacker in Hoodie at Computer

You can’t put toothpaste back in the tube. Data breaches are costly to victims because they have no way of taking back their information and must do many things to change card and account information and monitor their credit reports, tax filings, and medical bills for years afterwards. This class action alleges that ABB, Inc. and Baldor Electric Company, known as ABB Motors and Mechanical, Inc., did not take adequate measures to protect employee data.

Starwood Hotels & Resorts Property with Swimming Pool

When data breaches happen, it’s important that companies discover them promptly, put an end to them promptly, and just as promptly let customers know. This data breach class action, against Starwood Hotels & Resorts and its parent company, Marriott International, Inc., claims that hackers had access to customer data for four years and that the companies waited for more than two months before publicizing the breach when they discovered it.

Pages