Third Party Compromise Leads to Quest Diagnostics Data Breach
Many may be under the false assumption that because their company is up to date on cybersecurity, they are under no risk of being hacked. Unfortunately, your company alone isn’t enough to combat the growing expertise of cyber hackers.
Take medical testing giant Quest Diagnostics for example. Quest Diagnostics has total equity just south of $5 billion, yet still found themselves amid a data breach that affected around 12 million patients. How could an industry giant succumb to such an occurrence?
Third party compromise. American Medical Collection Agency, the third party collections vendor for Quest Diagnostics, was hacked by an “unauthorized user”. Compromised information included Social Security numbers and medical information, but not test results. Quest said it has suspended using AMCA and are consulting “forensic experts” to monitor the breach.
Even industry giants can fall victim to malicious cyber-attacks, especially if they are partnered with companies are breached. Organizations must not only look within when dealing with cyber security, but they must also ensure that the companies they have close business ties with are doing the same.
Story via CNN