Mailing and printing products and services seller OneTouchPoint has disclosed an information breach impacting greater than 30 healthcare suppliers and medical health insurance carriers.
Headquartered in Hartland, Wisconsin, OneTouchPoint provides print, advertising and marketing execution and provide chain control products and services to organizations within the healthcare sector.
The corporate printed this week that it just lately fell sufferer to a ransomware assault that has resulted within the compromise of in my opinion identifiable data (PII) saved on its programs.
OneTouchPoint says it discovered encrypted recordsdata on a few of its programs on April 28 and in an instant began investigating the incident. It later came upon that the attackers had accessed its community on April 27, however may just no longer resolve which recordsdata the attackers had accessed inside its community.
The corporate says it later decided that the compromised programs contained PII supplied via its shoppers, together with names, addresses, start dates, date of carrier, description of carrier, analysis codes, data supplied as a part of a well being review, and member ID.
For one buyer, Social Safety numbers have been additionally integrated within the compromised data.
OneTouchPoint additionally notes that it’s been operating with its shoppers to spot the folks whose data may had been impacted and that it has began sending out information breach notifications on behalf of impacted shoppers.
In a information breach understand on its website online, OneTouchPoint lists 34 healthcare insurance coverage carriers and healthcare products and services suppliers which have been impacted, however the quantity seems to be higher.
No less than two different entities – Arkansas Blue Pass and Blue Protect and Blue Protect of California Promise Well being Plan – have despatched information breach notifications after finding out that their subcontractor, Matrix Clinical Community, was once impacted via the OneTouchPoint ransomware assault.
It’s but unclear how many people may had been impacted within the incident.
OneTouchPoint hasn’t shared data on the kind of ransomware that was once used within the assault.