Onepoint Data Breach Affects 50,073 in Texas Alone

Onepoint Patient Care recently disclosed a significant data breach that may have exposed sensitive personal and medical information of its patients.

The breach occurred between August 6 and August 8, 2024, when an unauthorized third party gained access to the company’s computer network. The breach was detected on August 8, 2024, and an investigation revealed that data was stolen during this two-day period.

The breach impacted a large number of individuals across multiple states. In Texas alone, 50,073 people were affected, while South Carolina reported 1,623 individuals impacted.

The stolen information included a wide range of sensitive data, such as:

• Names
• Addresses
• Social Security numbers
• Dates of birth
• Medical information
• Health insurance information
• Financial account information
• Driver’s license numbers
• State identification numbers

This breach is particularly severe due to the nature of the information exposed. The inclusion of Social Security numbers, medical records, and financial details increases the risk of identity theft and fraud for those affected.

Upon detecting the breach on August 8, 2024, Onepoint Patient Care immediately took steps to contain the incident. The company launched an internal investigation and engaged a forensic security firm to analyze the breach and secure its systems.

By August 15, 2024, the investigation confirmed that data had been stolen.

Onepoint Patient Care has since notified law enforcement and is cooperating with their investigation. To assist affected individuals, the company is offering a complimentary one-year membership to Experian IdentityWorks Credit 3B. This service provides credit monitoring, identity restoration support, and up to $1 million in identity theft insurance. Details on how to enroll in this service are included in the company's notice to consumers.

Additionally, the company has strengthened its cybersecurity measures to prevent future incidents. You can review the full notice to consumers, including enrollment instructions for the credit monitoring service, on the Massachusetts Attorney General’s website.

If you believe your information may have been exposed in this data breach, it is important to take immediate steps to protect yourself. Here’s what you should do:

1. Enroll in the free credit monitoring service: Onepoint Patient Care is offering a one-year membership to Experian IdentityWorks Credit 3B. This service includes daily credit monitoring, identity restoration support, and identity theft insurance. Follow the instructions provided in the notice to activate your membership.
2. Monitor your credit reports and financial accounts: Regularly review your credit reports for any unauthorized activity. You can obtain free weekly credit reports from the three major credit bureaus at AnnualCreditReport.com.
3. Place a fraud alert or credit freeze: Consider placing a fraud alert on your credit file, which will notify creditors to take extra steps to verify your identity before opening new accounts. For stronger protection, you can place a credit freeze to prevent any new credit from being opened in your name without your consent.
4. Report suspicious activity: If you notice any unauthorized transactions or accounts, report them immediately to your financial institution and the Federal Trade Commission (FTC) at IdentityTheft.gov.
5. Stay vigilant: Be cautious of phishing emails or phone calls that may attempt to exploit your exposed information. Avoid sharing sensitive information unless you are certain of the recipient’s legitimacy.

For more guidance, visit the FTC’s identity theft prevention resources.

For further details, you can view the Texas Attorney General’s disclosure and the South Carolina Attorney General’s disclosure.