Two U.S. medical testing companies are reporting almost 20 million customers have had their personal and financial data exposed because of a security breach at a third-party vendor.

Quest Diagnostics reported 11.9 million patients have been affected by the breach with LabCorp indicating 7.7 million customers are at risk, according to the Washington Post. The data breach occurred at the companies’ billing contractor American Medical Collection Agency, which had an “unauthorized user” gain access to customers’ financial and personal information from August through March.

The breach exposed customers’ credit card and other financial information as well as social security numbers, birthdays, addresses, phone numbers, and account balances. Medical tests and lab reports were not breached.

What can identity thieves do with this information?

Identity thieves can use stolen financial and personal information to do the following:

  • Open credit cards
  • Open new accounts
  • Make fraudulent purchases
  • Clone ATM or debit cards
  • Change billing addresses
  • Obtain new drivers’ licenses or other forms of ID
  • Use the false identity when questioned by police.

Make sure your identity and credit reports are being monitored. IdentityIQ actively monitors your credit report and non-credit-related information and notifies you of any changes or suspicious activity. Sign up for a identity theft protection plan now.