On June 3rd, the American Medical Collection Agency (AMCA), a billing collections service provider, announced there was a breach containing data from various entities including Quest Diagnostics, one of the largest lab testing companies in the country. Nearly 12 million Quest Diagnostics patients may be affected in the data breach. The investigation is ongoing, believing the information includes “personal information, including certain financial data, Social Security numbers, and medical information, but not laboratory test results.”

The good news is that (hopefully) the medical data wasn’t compromised. When there’s a breach with social security numbers and bank information, it causes obvious problems, but can be solved through banks. When medical information or health insurance information is exposed, it can be used to commit fraud through getting medication or services not covered. Once someone uses your health information, your medical records start including their information. Think about it: If your blood type is changed in your record, it can be fatal and you wouldn’t ever know it until it’s an emergency situation.

Medical records and insurance information is extremely vulnerable. Through the ACA in 2009, there were billions of dollars of incentives to move to digital record to improve costs and accuracy. The problem was it didn’t incentivize organizations to secure the data, making everything electronic but with very little security. Cyber criminals recognized this and know that medical records contain a treasure trove of information. The value of a medical record sky rocketed on the black market to $1,500 per record. To compare, financial information or social numbers are only worth a couple bucks. So in 2015, almost every healthcare organization was attacked–258 million records in total were stolen.

That included tens of millions of children’s records, which have a very high value because a criminal can use that identity undetected for years until they turn 18, and use their own social security number to get a loan, credit card, or rent an apartment. Children’s medical records are 51X more likely to be stolen because criminals can use it for so many years. Children now are more likely than ever to be unknowing victims of identity theft. Carnegie Mellon found in a study that 1 out of 10 children are victims of identity theft.

The best thing to help your child is to check if their identity has been stolen. Pull a credit report at annualcreditreport.com. If a report comes back, it’s highly likely that someone is using their identity because they shouldn’t have a report. If you find out there is a problem, you have to go in recovery mode. You will have to contact every hospital, pharmacy, doctor and have them remove that data. It’s a daunting task, for sure, but if medical data gets out, it could mark your kids and they could lose their ability to get a job or life insurance. Once medical data is out, it’s almost impossible to get back. There’s no way to change your DNA or a certain disease, so hugely problematic. Medical identity theft is most damaging variety of identity.

Another key thing is having an identity theft protection service to not only help to monitor and prevent fraud, but also one that has a recovery expert if it’s already too late. MyIDCare has dedicated recovery advocates that will handle the headache of retrieving all that information for you.