OnePoint Patient Care notifies 796K of data breach that compromised SSNs, medical info

Update – 11/28: The number of people impacted has increased to 1,741,152. 

OnePoint Patient Care this week confirmed it notified 795,916 people about an August 2024 data breach that compromised names, Social Security numbers, medical record numbers, diagnoses, prescription information, addresses, and residence information.

Ransomware group Inc claimed responsibility for the attack in mid-September.

onepoint oppc ransomware inc

OnePoint Patient Care (OPPC) has not verified Inc’s claim. We do not yet know how attackers breached OPPC’s network, how much Inc demanded in ransom, or whether OPPC paid it. Comparitech contacted OPPC for comment an will update this article if it responds.

OPPC’s notice (PDF) to victims states, “On August 8, 2024, we detected suspicious activity on our computer network. Upon identifying the issue, we promptly initiated an internal investigation, took steps to contain the incident, and engaged a forensic security firm to further investigate. On August 15, 2024, we learned that an unauthorized third party acquired some information from our network between August 6 and August 8, 2024.”

OPPC is offering eligible victims one year of free credit monitoring and identity theft protection via Experian.

Who is Inc?

Inc Ransomware emerged in July 2023 and targets a wide range of victims in healthcare, education, and government. Its initial attack vectors include spear phishing and exploiting known vulnerabilities in software.

Comparitech researchers logged 49 attacks claimed by Inc since the group launched last year, affecting more than 2.2 million records. This breach on OnePoint is Inc’s largest yet by number of records compromised.

Inc is also the gang behind attacks on Access Sports Medicine & Orthopaedics and the City of Coon Rapids, which compromised 88,044 and 2,135 records, respectively.

Inc has claimed another 124 attacks since it launched that haven’t been acknowledged by victims.

Ransomware attacks on US healthcare

Ransomware attacks on hospitals, clinics, and other care providers can steal data and lock down computer systems used for everything from accessing medical records to bill payments. Hospitals might be forced to cancel appointments and switch to pen-and-paper processes until a ransom is paid to unlock their computer systems.

2024 has been a big year for ransomware attacks in the healthcare sector. Comparitech researchers logged 90 confirmed ransomware attacks against US healthcare organizations in 2024, compromising 114.8 million records.

Just this week, Change Healthcare upped the victim count from its breach to 100 million victims, and Gándara Mental Health Center confirmed a June 2024 data breach that compromised 17,543 records. The latter attack was claimed by Rhysida, with a $650,000 ransom demand.

About OnePoint Patient care

Founded in 1980 in Phoenix, AZ, OnePoint Patient Care (OPPC) is a pharmacy and benefits manager for hospices. According to its LinkedIn profile, it serves 40,000 patients per day and employs between 200 and 500 people.