Major U.S. hospice pharmacy and pharmacy benefits management service provider OnePoint Patient Care had more than 1.74 million individuals' data compromised following an August intrusion claimed by the INC Ransom ransomware-as-a-service operation, reports Cybernews.
In a filing with the Office of the Maine Attorney General, OPPC disclosed that infiltration of its systems resulted in the exfiltration of individuals' names, residence details, Social Security numbers, diagnoses, medical record numbers, and prescription information although there has been no evidence to suggest misuse of the compromised data. Affected individuals have been given one year of complimentary identity protection and credit monitoring services. "While we are uncertain that your personal information was obtained, out of an abundance of caution, are notifying you of that potential," said OPPC. Such a development comes after the incident was initially reported to have impacted more than 795,000 people. INC Ransom was also reported to have exposed the stolen data after OPPC refused to meet the ransomware gang's demands.
