The healthcare debt collector ransacked by hackers, who gained access to millions of patients' personal information, has filed for bankruptcy protection.

Retrieval Masters Creditors Bureau, aka American Medical Collection Agency, told the Southern New York US District Court this week that it was seeking chapter 11 bankruptcy protection. That means it's asked a judge to shield it for up to 18 months from creditors' lawsuits, in which money owed is demanded, while it gets its finances in order. The biz lists its address as being in Elmsford, New York, a town about 27 miles from NYC.

The filing [PDF] comes after it emerged AMCA's patient databases, which stored personal and banking details of millions of folks, were infiltrated by crooks. The agency had been recruited by medical testing companies to collect payments from their customers, which is why it was storing their personal records on its subsequently hacked systems.

Those testing labs included Quest Diagnostics (12 million records exposed), LabCorp (8 million), BioReference Laboratories (423,000), Carecentrix (500,000), and Sunrise Laboratories, adding up to more than 20 million records, including several hundred thousand payment card details, at miscreants' fingertips. The network intrusion went undetected for some eight months.

In the fallout of the hack, Quest and Labcorp bore the brunt of public scrutiny and scorn from US Congress, however, as we now see, AMCA has also taken a hit from the cyber-heist, one significant enough to put its future in doubt.

Far from a filing of insolvency, chapter 11 bankruptcy allows a company to shore up its finances without the threat of creditors and aggressive collection agencies such as, ironically enough, AMCA, extracting any money owed.

According to the chapter 11 filing, AMCA says it has somewhere between one and ten million dollars in liabilities, and the same range of money in assets. AMCA noted that it plans to pay off its creditors, estimated to number anywhere from 100 to 199 different people and companies.

The list of those creditors is fairly mundane and seems to mostly be bills for day-to-day activities.

For example, AMCA says it owes IBM $15,299.64 for IT services, and Cablevision is owed $7,679.02, presumably for internet service. The filing makes no mention of Quest Diagnostics, LabCorp, or any of the other customers whose patient data was illegally accessed. ®