Omni Family Health Data Breach Affects Patients' Sensitive Info

In a recent data breach, Omni Family Health, a healthcare provider based in Bakersfield, California, experienced a significant security incident. On August 7, 2024, the company discovered that sensitive information had been stolen from their systems and subsequently posted on the dark web. The dark web is a part of the internet not accessible through standard search engines and is often used for illicit activities.

The ransomware group, Hunters International, took credit for the breach by posting to their dark web website. In the post, the group claimed to have 2.7 terabytes of Omni's data and threatened to make the data publicly available if they were not paid the ransom.

Unfortunately, it appears as though the data was in fact posted publicly.

The breach affected individuals who are current or former patients and employees of Omni Family Health or those who were referred to the organization for healthcare services.

The types of consumer information exposed in this breach include:

• Name
• Address
• Social Security number
• Date of birth
• Health insurance plan information
• Medical information

Omni Family Health swiftly engaged external cybersecurity specialists to investigate the claims and notified federal law enforcement to assist in their efforts. The investigation confirmed that the data posted online was indeed related to Omni's patients and employees. As a result, the company has reached out to individuals whose information might have been compromised.

Omni Family Health's Response

In response to the breach, Omni Family Health has taken several steps to address the situation and protect the affected individuals. They have strengthened their security measures to prevent future incidents and are offering 12 months of complimentary credit monitoring and identity protection services through Experian. This service aims to help individuals monitor their personal information and detect any fraudulent activity that may arise from the breach.

Omni Family Health encourages all potentially affected individuals to remain vigilant by regularly reviewing their accounts and monitoring their credit reports for any suspicious activity. They have also set up a dedicated call center to assist with any questions or concerns related to the breach.

Steps for affected individuals

If you believe you may have been affected by this data breach, there are several steps you can take to protect your personal information:

1. Register for Identity Protection Services: Omni Family Health is offering complimentary access to Experian IdentityWorks for 12 months. Be sure to enroll before the provided deadline to take advantage of this service.
2. Review Your Accounts: Regularly check your financial accounts and credit reports for any unauthorized transactions or changes.
3. Order a Credit Report: You are entitled to one free credit report annually from each of the three major credit reporting agencies. Visit Annual Credit Report to obtain your reports.
4. Contact Authorities: If you suspect identity theft, report it to the Federal Trade Commission (FTC) and your local law enforcement. The FTC's website, IdentityTheft.gov, offers resources to help you recover from identity theft.
5. Consider a Security Freeze: You can place a security freeze on your credit reports to prevent new accounts from being opened in your name without your consent.

By taking these proactive steps, you can help safeguard your personal information and minimize the risk of identity theft.

For more details, you can view the disclosure on the California Attorney General's website and the Massachusetts Attorney General’s.