Breach and Bankruptcy

Breach puts top debt collection supplier out of business.

Ostra can help make sure SMB suppliers are not the weak link.

American Medical Collection agency (AMCA) was a supplier of medical debt collection services to large clinical laboratories, hospitals and physicians groups until a data breach put them out of business last week. The breach exposed personally identifiable information (PII), healthcare and financial data belonging to enterprise customers, and almost immediately after it was discovered four of AMCA’s largest clients  — Quest, LabCorp, Conduent Inc. and CareCentrix Inc. — stopped doing business with the company. In early attempts to reverse the situation, CEO Russell H. Fuchs personally lent the company $2.5 million, but loss of revenue along with an estimated $4.2 million in remediation costs ultimately drove the company out of business.

Third party SMBs like AMCA are integral to the enterprise business ecosystem, and SMB’s lacking strong security increasingly find they are targets of attack. Many SMBs rely on entry level commodity security products such as traditional anti-virus and firewall defenses that only address one risk. While some larger SMB’s may utilize more comprehensive products, these are non-enterprise grade solutions that hackers understand and can exploit. According to recent cybersecurity statistics over the past 12 months SMB’s accounted for over 58% of all data breaches. At an average cost of $3M the impact is enormous and possibly devastating for SMB’s. 

As AMC discovered in the wake of their breach, large enterprise customers are quick to decide ongoing business is too risky and terminate the business relationship. Costly forensics to determine what data was stolen may not provide a definitive answer, escalating remediation costs to include notification of all potential victims and incurring legal fees if the breach leads to a lawsuit. All of this can be too much for an SMB to absorb, as was the case for AMCA who filed for bankruptcy early last week. How can SMBs avoid being targeted, breached and ultimately ruined by an attack? SMB’s who supply services to large enterprise customers need to understand that security solutions reliant on traditional methods have holes that hackers know about. Bad actors can enter and remain undetected inside networks that are protected by non-enterprise grade solutions, and use intelligence gathering software to carry out planned sophisticated attacks that maximize damage and theft.  To avoid an attack that could lead to the dire outcome faced by AMCA this week, SMBs need to have an enterprise-grade comprehensive security solution that provides integrated prevention, detection and quarantine tools based on threat behavior characteristics.

Ostra Enterprise Grade Security solution gives SMB’s access to the best-in-class security services used by their enterprise partners. Ostra not only protects the SMB IT environment, but more importantly protects the SMB’s ability to stay in business.