Clinical Pathology Laboratories (CPL) has alerted 34,500 patients in the U.S. of a data breach with an outside debt collection agency it uses, resulting in exposure of personal information, including names, addresses, and dates of birth, as well as credit card and banking information.
The breach affects customers whose records had been turned over to the American Medical Collection Agency (AMCA), reported CPL, which runs laboratories across the southwest U.S.
Furthermore, personal information -- including names, addresses, dates of birth, and treatment provider information -- of another 2.2 million patients may have been compromised in the breach. However, in these cases, credit card and banking information was not placed at risk, according to CPL.
Laboratory and clinical results are not provided to AMCA, and CPL's own system was not breached, the company noted. CPL has notified patients affected by the incident to monitor their financial accounts for suspicious activity and says it will no longer be using AMCA for debt collection.