On October 24, 2024, OnePoint Patient Care filed a notice of data breach with the Attorney General of Texas after discovering that an unauthorized actor was able to access portions of the company’s computer network. In this notice, OPPC explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, residence information, medical record numbers, and diagnosis & prescription information. Based on a similar filing with the U.S. Department of Health and Human Services Office for Civil Rights, the OnePoint Patient Care data breach affected 795,916 people in total.
If you received a data breach notification from OnePoint Patient Care, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the OnePoint Patient Care data breach. For more information, please see our recent piece on the topic here.
What Caused the OnePoint Patient Care Data Breach?
The OnePoint Patient Care data breach was only recently announced, and more information is expected in the near future. However, OPPC’s filing with the Attorney General of Texas provides some important information on what led up to the breach. OnePoint Patient Care also posted a website notice discussing the incident.
According to these sources, on August 8, 2024, OPPC detected unusual activity within its computer network. In response, OPPC contained the incident, notified law enforcement, and then launched an investigation with the help of external data security experts.
On August 15, 2024, OPPC confirmed that an unauthorized party was able to access portions of its computer network between August 6, 2024 and August 8, 2024. It was later determined that some of the files that were compromised contained confidential consumer information.
After learning that sensitive consumer data was accessible to an unauthorized party, OnePoint Patient Care reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, residence information, medical record number, and diagnosis & prescription information.
On October 21, 2024, OnePoint Patient Care posted notice of the incident on its website, indicating that it will be sending out data breach letters to anyone who was affected by the recent incident. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About OnePoint Patient Care
Founded in 1965, OnePoint Patient Care is a national, hospice-focused pharmacy based out of Tempe, Arizona. OPPC is both a pharmacy and a Pharmacy Benefit Manager (“PBM”), as it provides concierge PBM services in addition to traditional pharmacy services. OPPC operates more than 100 company-owned pharmacies across the United States and works with over 55,000 contracted network pharmacies. OnePoint Patient Care employs more than 341 people and generates approximately $82 million in annual revenue.
