World

Medical Debt Collector, 41 US States Reach Settlement Over Hack of 21Mln Americans' Data

WASHINGTON (Sputnik) - A medical debt collection firm that lost the personal information of 21 million people in a 2019 hack reached a settlement with 41 US states, New York Attorney General Letitia James announced.
Sputnik
“Today’s agreement ensures that the company has the appropriate security and incident response plan in place so that a failure like this does not take place again,” James said in a press release on Thursday.

Between August 2018 and March 2019, an unauthorized user gained access to American Medical Collection Agency’s (AMCA) computers, despite multiple warnings of a potential breach from banks that processed payments to the company, the release said.

The settlement with 41 state attorneys general requires AMCA to implement a series of security practices that include hiring both a qualified chief information security officer and a third-party assessor to perform a security assessment, the release added.

ACAM would also be subject to a $21 million penalty for violating the agreement, according to the release.

Discuss