Data breach forces AMCA medical debt collector to file for bankruptcy


The US Medical Bill and Debt Collection Agency (AMCA) has filed for bankruptcy following a disastrous data breach.

AMCA was hacked last year in a period estimated between August 1, 2018 and March 30, 2019, resulting in the theft of information from corporate customers including Quest Diagnostics, LabCorp, BioReference Laboratories, Carecentrix and Sunrise Laboratories.

The companies in question used the AMCA payment portal to bill their medical customers.

At least 20 million US citizens were affected by the security incident, in which the responsible hacker ransacked AMCA’s internal systems to loot user data, including names, social security numbers, addresses, dates of birth and payment card information.

The stolen data was then advertised for sale in underground web forums.

See also: Quest Diagnostics massive data breach affects 12 million patients

Following the disclosure of the data breach and the revelation of its widespread impact, several class actions were filed against Quest Diagnostics, AMCA and LabCorp. The victims claim that there has been an unnecessary delay in informing victims, that HIPAA standards may not have been met, and that a lack of adequate security may not have been put in place to protect their personal information.

U.S. regulators are also investigating the incident and now the dire consequences of the data breach have led AMCA’s parent company, Retrieval-Masters Creditors Bureau Inc., to voluntarily file for bankruptcy (Chapter 11). .

According to Chapter 11 statement (.PDF), filed with the Southern District Court of New York, AMCA first became aware a potential security incident when a disproportionate number of credit cards that interacted with the company’s web portal were linked to fraudulent transactions.

As the portal was closed and an investigation was quickly launched, the data breach caused a “cascade of events” leading to the request for bankruptcy, most notable being a sharp drop in business.

TechRepublic: How HackerOne opens source security – one hacker at a time

“Almost immediately upon learning of the violation, LabCorp unreservedly and indefinitely terminated its relationship with the debtor,” the file said. “Shortly thereafter, Quest Diagnostics, Conduent, Inc. and CareCentrix, Inc. which, along with LabCorp, were the debtor’s four largest customers, stopped sending new work to the debtor and all terminated or significantly reduced their business relationship with the debtor. ”

The case adds that the data breach “resulted in huge expenses that were beyond the debtor’s capacity to bear.”

Cybersecurity bills of around $ 400,000, IT support costs, severe restrictions put in place to protect AMCA’s network from further intrusions, impending lawsuits and the loss of valuable business partners have all taken their toll. ravages.

The AMCA was unable to determine exactly what data was compromised and was therefore forced to shell out more than $ 3.8 million to notify more than seven million potentially affected people via mail. That figure alone is more than the company had available, forcing AMCA to take out a loan from CEO and founder Russell Fuchs just to meet the expense.

By filing for bankruptcy, the business will continue as usual as the AMCA seeks to repay its creditors.

CNET: As smart TVs become the only option, your privacy choices run out of steam

Employees have also suffered, as the AMCA’s workforce has been drastically reduced from 113 to 25 as of the date of the petition. Fuchs has asked the court to consider a petition that will ensure the company’s remaining staff are paid during the process.

“As a result, the Debtor filed the Chapter 11 Snapshot Request to enable it to appropriately assess its portfolio of remaining assets and liabilities, cost-effectively meet regulatory requirements, and ultimately liquidate his business in an orderly manner thanks to a Chapter 11 liquidation plan, ”the case concludes.

Prior and related coverage

Do you have any advice? Contact us securely via WhatsApp | Call +447 713 025 499, or Keybase: charlie0


About Author

Leave A Reply