• Home
  • /Learn
  • /AMCA: From Breach to Bankruptcy in 8 months
background image


AMCA: From Breach to Bankruptcy in 8 months


With the enhancement of technology, we are constantly shifting into a digital world. As a result, data breach is a growing concern that can cause significant damage to any company. It can impact a business financially, tarnish their reputation, and cause clients to lose faith in the organization. A data breach can compromise sensitive information such as a client’s name, phone number, address, social security number, and bank account information.

The American Medical Collection Agency had a data breach that occurred from August 1st, 2018 to March 30th, 2019. This massive data breach compromised millions of patients’ data and was operative for 8 months. The breach left 11.9 million of Quest Diagnostics patients and 7.7 million of LabCorp’s patients data exposed. AMCA confirmed that 6600 patients out of the 422, 600 patients, whose information was stored in AMCA’s system, may have suffered a loss of bank account information and credit cards. Hence, as a remedy, the patients were offered identity protection and credit card monitoring for 2 years for free.

Data breach is a profitable industry for cybercriminals and can be very costly to recover from for businesses. In 2018, the average cost of a data breach in Canada was $4.74 million USD. The data breach that occurred at AMCA cost the company millions of dollars. Russell Fuchs, CEO of Retrieval-Masters Creditors Bureau, the parent company of AMCA had spent $3.8 million to notify the 7 million people affected by the breach and another $400,000 to hire experts to investigate the incident. AMCA was forced to liquidate assets worth $10 million to pay for the incurred expenses. Furthermore, Fuchs, the CEO lent an additional $2.5 million to help with bearing the costs.

Why do data breaches occur?

Cybercrimes happen daily due to a number of reasons. Consequently, it is important to be knowledgeable of the fundamental source of the problem in order to take steps to eliminate data breaches. The four most common causes for targeted attacks are listed below:

  • Human error is one of the biggest risks for cybercrimes. It can occur for things such as having a weak or insecure password making it easier for cybercriminals to decrypt it.

  • Malware attacks are often used to deceit users into allowing access to confidential information. Cybercriminals can use spam or phishing in order to download viruses or direct the user to a phony website to reveal passwords and other credentials.

  • Insider misuse is another common reason that is often overlooked. Employees pose threats when they use information improperly. This can happen in two ways; employees can misuse information that they have legitimate access to or when they accidently stumble upon information that the company did not ensure the appropriate access controls for.

  • Physical theft involves theft of laptops, desktops, storage devices and paperwork that hold sensitive information of the company.

AMCA applies for bankruptcy

AMCA declared that they were unable to endure the costs affecting the massive data breach that had occurred. As a result, the company applied for bankruptcy in the Chapter 11 filing with the New York Southern Bankruptcy Court. Fuchs, the CEO stated in the Chapter 11 filing that AMCA suffered “enormous expenses that were beyond the ability of the debtor to bear.”

Businesses and corporations of all sizes and nature are potential targets to cyber attacks. The data breach at AMCA is an incident that any organization should learn from and take extra steps to improve their own security. It is important to educate and be diligent while working in order to protect the business from cybercrimes and secure the clients’ information. Hence, ensuring the success of the company and its’ reputation.