Data breach forces medical debt collector AMCA to file for bankruptcy protection
US medical bill and debt collector American Medical Collection Agency (AMCA) has filed for bankruptcy protection in the aftermath of a disastrous data breach.
AMCA was hacked last year in a time period estimated to be from August 1, 2018, to March 30, 2019, resulting in the theft of information from corporate clients including Quest Diagnostics, LabCorp, BioReference Laboratories, Carecentrix, and Sunrise Laboratories.
The companies in question used AMCA’s payment portal to bill their medical customers.
At least 20 million US citizens have been impacted by the security incident, in which the hacker responsible ransacked AMCA’s internal systems to pillage user data including names, Social Security numbers, addresses, dates of birth, and payment card information.
The stolen data was later advertised for sale in underground web forums.
Following the disclosure of the data breach and the reveal of its widespread impact, multiple class-action lawsuits were filed against Quest Diagnostics, AMCA, and LabCorp. Victims claim that there was an unnecessary delay in informing victims, HIPAA standards may not have been met, and a lack of adequate security may not have been in place to protect their personal information.
US regulators are also investigating the incident and now the ruinous consequences of the data breach have led to AMCA’s parent company, Retrieval-Masters Creditors Bureau Inc., to voluntarily file for Chapter 11 bankruptcy protection.
According to the Chapter 11 declaration (.PDF), filed with the court for the Southern District of New York, AMCA first became aware of a potential security incident when a disproportionate number of credit cards that interacted with the company’s web portal were linked to fraudulent transactions.
While the portal was closed down and an investigation was rapidly launched, the data breach caused a “cascade of events” leading to the bankruptcy request, the most notable being a severe drop in business.
TechRepublic: How HackerOne open sources security–one hacker at a time
“Almost immediately upon learning of the breach, LabCorp unqualifiedly and indefinitely terminated its relationship with the Debtor,” the filing reads. “Soon after, Quest Diagnostics, Conduent, Inc., and CareCentrix, Inc. which together with LabCorp were the Debtor’s four largest clients, stopped sending new work to the Debtor, and all terminated or substantially curtailed their business relationships with the Debtor.”
The filing adds that the data breach “resulted in enormous expenses that were beyond the ability of the Debtor to bear.”
Cybersecurity forensics bills of roughly $400,000, IT support costs, severe restrictions that were put in place to protect AMCA’s network from further intrusion, looming court cases, and the loss of valuable business partners have all taken their toll.
AMCA has been unable to determine exactly what data has been compromised and so has been forced to pay out over $3.8 million to inform over seven million people who have potentially been impacted via mail. This figure alone is more than the company had to hand, forcing AMCA to take out a loan from the CEO and founder, Russell Fuchs, just to meet this expense.
By filing for bankruptcy protection, the business will continue on as usual as AMCA seeks to pay off its creditors.
Employees, too, have suffered, with AMCA’s workforce being cut drastically from 113 to 25 on the date of the petition. Fuchs has asked the court to consider a motion which will ensure the firm’s remaining staff will be paid during the process.
“Accordingly, the Debtor has filed the instant Chapter 11 petition in order to allow it the breathing room to appropriately evaluate its pool of remaining assets and liabilities, cost-effectively respond to regulatory demands, and ultimately, to wind-up of its business in an orderly fashion through a liquidating Chapter 11 plan,” the filing concludes.
Previous and related coverage
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0