urlscan.io logo urlscan.io
SecurityTrails logo

therecord.media Open in urlscan Pro
2606:4700::6812:621  Public Scan

Back to summary
URL: https://therecord.media/at-least-34-healthcare-orgs-affected-by-alleged-ransomware-attack-on-onetouchpoint/
Submission: On September 28 via manual from IN — Scanned from DE

Form analysis 4 forms found in the DOM

GET https://therecord.media/

<form role="search" method="get" class="search-form" action="https://therecord.media/">
  <input type="text" placeholder="Search" value="" name="s">
  <input type="submit" value="go">
</form>

<form class="search-form">
  <a href="#">
<i class="fas fa-search search-icon"></i>
<i class="fas fa-times close-icon"></i>
</a>
</form>

GET https://therecord.media/

<form role="search" method="get" class="search-form" action="https://therecord.media/">
  <input type="text" placeholder="Search" value="" name="s">
  <input type="submit" value="go">
</form>

POST 

<form action="" method="post" class="newsletterForm">
  <input type="email" name="email" placeholder="your e-mail address">
  <input type="hidden" name="newSubscription" value="1">
  <input type="submit" value="go">
</form>

Text Content

This website stores cookies on your computer. These cookies are used to improve
your website experience and provide more personalized services to you, both on
this website and through other media. To find out more about the cookies we use,
see our Privacy Policy.

Accept
Manage consent
We use cookies to optimize our website and our service. Cookie Policy

Functional

Marketing
Accept allDismissPreferences
 * Leadership
 * Cybercrime
 * Nation-state
 * Government
 * People
 * Technology

 * About
 * Contact
 * Podcast

 * 




SUBSCRIBE TO THE RECORD



Jonathan Greig August 1, 2022


AT LEAST 34 HEALTHCARE ORGS AFFECTED BY ALLEGED RANSOMWARE ATTACK ON
ONETOUCHPOINT

Briefs
Cybercrime
Malware
 * 
 * 
 * 
 * 
 * 

Jonathan Greig

August 1, 2022

 * Briefs
 * Cybercrime
 * Malware

 * 
 * 
 * 
 * 
 * 


AT LEAST 34 HEALTHCARE ORGS AFFECTED BY ALLEGED RANSOMWARE ATTACK ON
ONETOUCHPOINT

A ransomware attack on printing and mailing services provider OneTouchPoint is
having several downstream effects on its customers, prompting it to release a
data breach notice last week on behalf of 34 healthcare organizations.

OneTouchPoint provides its services to several health insurance carriers and
medical providers, which hand over customer information for certain services.

The company did not respond to requests for comment but said in a notice on July
27 that it discovered encrypted files on certain computer systems on April 28.  

More than a month later, the company determined that it “would be unable to
determine what specific files the unauthorized actor viewed within the OTP
network.” The company notified its customers on June 3. 

It is unable to say “definitively” what personal information was accessed by the
ransomware group but noted that it worked with customers to determine what
information was on their network. It offered to mail breach notification letters
to those affected. 

The information included names, healthcare member IDs, as well as information
that was provided during health assessments. The incident was reported to law
enforcement, according to the notice. 

OneTouchPoint has not said how many people were affected by the breach in total.
No ransomware group has taken credit for the attack. 

OneTouchPoint said it was providing notice on behalf of an array of medical
organizations, while Arkansas BlueCross and BlueShield released its own breach
notification in June explaining that 1,423 of its members had their names,
addresses, dates of birth, provider names and medical information exposed in the
attack on OneTouchPoint. 

The organization said it was exposed through Matrix Medical Network, which
previously provided member services for Arkansas Blue Cross. In July Blue Shield
of California Promise Health Plan sent out a breach notification letter as well,
similarly attributing the information exposure to Matrix Medical Network. 

The letter said the information exposed names, subscriber ID numbers, diagnoses,
medications, addresses, dates of birth, sexes, physician demographics
information, family histories, social histories, allergies, vitals,
immunizations, and more.

OneTouchPoint is not providing victims with any identity theft protection
services but Blue Shield of California Promise Health Plan said it was providing
one year of complimentary access to Experian IdentityWorks.

Ransomware attacks on healthcare organizations have continued throughout 2021
and 2022, including recent attacks on a California nonprofit in March by the
Hive ransomware group. 

FBI Director Christopher Wray said last month that an Iran-based group attacked
the Boston Children’s Hospital with ransomware last June. 

In June, the sensitive information of two million people was accessed during a
cyberattack on Shields Health Care Group, a Massachusetts-based healthcare
organization that provides services to more than 50 hospitals and clinics across
the northeast, including hospitals at higher-education institutions like Emerson
College, University of Massachusetts, Tufts University, Wellesley College and
more.

A February ransomware attack on medical debt collection firm Professional
Finance Company caused a widespread data breach affecting 657 healthcare
organizations.

 * 
 * 
 * 
 * 
 * 

Tags
 * cybercrime
 * data breach
 * Healthcare
 * malware
 * OneTouchPoint
 * Ransomware

Jonathan has worked across the globe as a journalist since 2014. Before moving
back to New York City, he worked for news outlets in South Africa, Jordan and
Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

Previous article Next article
Pegasus is listening: Q&A with Paul Rusesabagina’s daughter Carine Kanimba
Luxembourg energy companies struggling with alleged ransomware attack, data
breach


BRIEFS

 * Botnet of devices infected with Chaos malware ‘rapidly growing’ across Europe
   September 28, 2022
 * Nearly 700 ransomware incidents traced back to wholesale access markets:
   report September 28, 2022
 * Log4j: Senators introduce bill centered on CISA open source security efforts
   September 23, 2022
 * Senators Wyden, Warren urge NTIA to protect ‘highly sensitive’ domain
   registration info September 21, 2022
 * Iran shutters mobile networks, Instagram, WhatsApp amid protests September
   21, 2022
 * European police identify dozens of Ukrainian human trafficking victims
   through online platforms September 21, 2022
 * Cyberattack on New York Racing Association leaked personal info of employees
   September 20, 2022
 * Revolut mobile banking startup confirms data breach of 50,000 users September
   20, 2022


RANSOMWARE TRACKER: THE LATEST FIGURES [SEPTEMBER 2022]



Ransomware tracker: the latest figures [September 2022]






H1 2022: MALWARE AND VULNERABILITY TRENDS REPORT



H1 2022: Malware and Vulnerability Trends Report






RUSSIAN INFORMATION OPERATIONS AIM TO DIVIDE THE WESTERN COALITION ON UKRAINE



Insikt Group: Russian Information Operations










VULNERABILITY SPOTLIGHT: DIRTY PIPE



Insikt Group: Dirty Pipe










THE BUSINESS OF FRAUD: BANK FRAUD



Insikt Group: Bank Fraud












OVERVIEW OF THE 9 DISTINCT DATA WIPERS USED IN THE UKRAINE WAR



Insikt Group: Data Wipers











 * 
 * 
 * 
 * 
 * 

 * About Us
 * Privacy Policy

© Copyright 2022 | The Record by Recorded Future