(Reuters) – Opko Health Inc on Thursday said it was notified by its former billing collections vendor about unauthorized access to information on nearly 422,600 customers, making it the third healthcare company to be affected by the incident.
American Medical Collection Agency (AMCA) informed Opko Health that the compromised data may include credit card and bank account information, email addresses and other data such as address, phone number and balance information.
However, the company said no social security numbers, bank account passwords or security questions were compromised in the unauthorized activity that occurred between August 1, 2018 and March 30, 2019.
Earlier this week, rivals Quest Diagnostics Inc and Laboratory Corporation of America Holdings also announced that they were apprised of unauthorized access to their customer data stored on AMCA system.
Opko Health said it has not yet received the list of affected customers and had not been able to verify the accuracy of the information received from AMCA.
AMCA told Opko Health that it was notifying state attorneys general and other state agencies and nearly 6,600 customers that availed Opko’s testing services and whose credit card or bank account details were stored in AMCA’s affected system.
Opko Health said its affected unit, BioReference Laboratories Inc, suspended collection requests to AMCA since October last year, and has asked the vendor to stop working on any pending collection requests involving the company’s customers.
Reporting by Saumya Sibi Joseph in Bengaluru; Editing by Shinjini Ganguli