Medical debt collector files for bankruptcy following data breach

The American Medical Collection Agency (AMCA) has filed for bankruptcy after a data breach compromised the data of millions of patients.

The bankruptcy follows after the AMCA was hacked last year, affecting millions of patients from Quest Diagnostics, LabCorp, BioReference, CareCentrix Inc. and Conduent Inc. As a result multiple class-action lawsuits had been filed against some of the companies due to the lack of security, the delay in informing victims of the breach and the HIPAA standards not being met.

The lawsuit and breach have now led to Retrieval-Masters Creditors Bureau Inc., AMCA’s parent company, filing for Chapter 11 bankruptcy.

The declaration, filed in the Southern District of New York reads:

“Almost immediately upon learning of the breach, LabCorp unqualifiedly and indefinitely terminated its relationship with the Debtor. Soon after, Quest Diagnostics, Conduent, Inc., and CareCentrix, Inc. which together with LabCorp were the Debtor’s four largest clients, stopped sending new work to the Debtor, and all terminated or substantially curtailed their business relationships with the Debtor.”

It continued to state that the data breach “resulted in enormous expenses that were beyond the ability of the debtor to bear”.

As a result from the data breach, the Debtor had to hire IT professionals and consultants that cost approximately $400,000, as well as spend in excess $3.8 million in order to mail over seven million individual breach notices.

The company was forced to take out a loan from the CEO and founder Russell Fuchs just to meet expenses and the workforce had been reduced from 113 to 25.

“The Debtor no longer is optimistic that it will be able to rehabilitate its business.”

The filing concludes:

“Accordingly, the Debtor has filed the instant Chapter 11 petition in order to allow it the breathing room to appropriately evaluate its pool of remaining assets and liabilities, cost-effectively respond to regulatory demands, and ultimately, to wind-up of its business in an orderly fashion through a liquidating Chapter 11 plan,”

Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered.