Mailing and printing services vendor OneTouchPoint has disclosed a data breach impacting more than 30 healthcare providers and health insurance carriers.
Headquartered in Hartland, Wisconsin, OneTouchPoint offers print, marketing execution and supply chain management services to organizations in the healthcare sector.
The company revealed this week that it recently fell victim to a ransomware attack that has resulted in the compromise of personally identifiable information (PII) stored on its systems.
OneTouchPoint says it found encrypted files on some of its systems on April 28 and immediately started investigating the incident. It later discovered that the attackers had accessed its network on April 27, but could not determine which files the attackers had accessed within its network.
The company says it later determined that the compromised systems contained PII provided by its customers, including names, addresses, birth dates, date of service, description of service, diagnosis codes, information provided as part of a health assessment, and member ID.
For one customer, Social Security numbers were also included in the compromised information.
OneTouchPoint also notes that it has been working with its customers to identify the individuals whose information might have been impacted and that it has started sending out data breach notifications on behalf of impacted customers.
In a data breach notice on its website, OneTouchPoint lists 34 healthcare insurance carriers and healthcare services providers that have been impacted, but the number appears to be larger.
At least two other entities – Arkansas Blue Cross and Blue Shield and Blue Shield of California Promise Health Plan – have sent data breach notifications after learning that their subcontractor, Matrix Medical Network, was impacted by the OneTouchPoint ransomware attack.
It is yet unclear how many individuals might have been impacted in the incident.
OneTouchPoint hasn’t shared information on the type of ransomware that was used in the attack.
Related: US: North Korean Hackers Targeting Healthcare Sector With Maui Ransomware
Related: Healthcare Technology Provider Omnicell Discloses Ransomware Attack
Related: Associated Eye Care Discloses Impact From 2020 Netgain Ransomware Attack