Mailing and printing services vendor OneTouchPoint has disclosed a data breach impacting more than 30 healthcare providers and health insurance carriers.
Headquartered in Hartland, Wisconsin, OneTouchPoint offers print, marketing execution and supply chain management services to organizations in the healthcare sector.
The company revealed this week that it recently fell victim to a ransomware attack that has resulted in the compromise of personally identifiable information (PII) stored on its systems.
OneTouchPoint says it found encrypted files on some of its systems on April 28 and immediately started investigating the incident. It later discovered that the attackers had accessed its network on April 27, but could not determine which files the attackers had accessed within its network.
The company says it later determined that the compromised systems contained PII provided by its customers, including names, addresses, birth dates, date of service, description of service, diagnosis codes, information provided as part of a health assessment, and member ID.
For one customer, Social Security numbers were also included in the compromised information.
OneTouchPoint also notes that it has been working with its customers to identify the individuals whose information might have been impacted and that it has started sending out data breach notifications on behalf of impacted customers.
In a data breach notice on its website, OneTouchPoint lists 34 healthcare insurance carriers and healthcare services providers that have been impacted, but the number appears to be larger.
At least two other entities – Arkansas Blue Cross and Blue Shield and Blue Shield of California Promise Health Plan – have sent data breach notifications after learning that their subcontractor, Matrix Medical Network, was impacted by the OneTouchPoint ransomware attack.
It is yet unclear how many individuals might have been impacted in the incident.
OneTouchPoint hasn’t shared information on the type of ransomware that was used in the attack.
Related: US: North Korean Hackers Targeting Healthcare Sector With Maui Ransomware
Related: Healthcare Technology Provider Omnicell Discloses Ransomware Attack
Related: Associated Eye Care Discloses Impact From 2020 Netgain Ransomware Attack

More from Ionut Arghire
- Linux Variant of Cl0p Ransomware Emerges
- New York Attorney General Fines Vendor for Illegally Promoting Spyware
- 20 Million Users Impacted by Data Breach at Instant Checkmate, TruthFinder
- Florida Hospital Cancels Procedures, Diverts Patients Following Cyberattack
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Atlassian Warns of Critical Jira Service Management Vulnerability
- Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication
- Google Shells Out $600,000 for OSS-Fuzz Project Integrations
Latest News
- Linux Variant of Cl0p Ransomware Emerges
- VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks
- Comcast Wants a Slice of the Enterprise Cybersecurity Business
- Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping
- New York Attorney General Fines Vendor for Illegally Promoting Spyware
- SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022
- 20 Million Users Impacted by Data Breach at Instant Checkmate, TruthFinder
- Cyber Insights 2023 | Zero Trust and Identity and Access Management
