Cyber Incident Victim: AllOne Health Resources

In February 2022, AllOne Health Resources, Inc. discovered fraudulent activity when its finance department identified several wire transfers erroneously sent to a fraudulently created bank account. This discovery prompted the company to report the incident to the Federal Bureau of Investigation (FBI) and initiate an internal investigation. The investigation revealed that an unauthorized party had gained access to an employee’s email account, which was exploited to facilitate the fraudulent wire transfers. Following this finding, AllOne Health conducted a comprehensive review of all emails and attachments within the compromised email account to assess potential exposure of consumer data. The review confirmed that the unauthorized party accessed sensitive personal information stored within the email account, including names, addresses, dates of birth, driver’s license numbers, Social Security numbers, and health information. The breach impacted 13,669 individuals, with the specific data elements varying per affected person. AllOne Health Resources, an insurance provider founded in 1971 and headquartered in Wilkes-Barre, Pennsylvania, serves over 1 million employees globally with mental and general health benefits, employs 323 staff, and generates approximately $112 million in annual revenue.

On July 15, 2022, AllOne Health filed an official notice of the breach and began notifying all affected individuals via data breach letters. The company’s investigation did not publicly disclose the exact method by which the unauthorized party gained access to the employee’s email account, though the incident’s discovery stemmed directly from the financial fraud. The breach exposed highly sensitive categories of personal and health information, creating risks of identity theft and financial fraud for impacted consumers. No additional technical details regarding the duration of unauthorized access, specific systems compromised beyond the email account, or containment measures beyond the internal investigation and FBI reporting were disclosed in the company’s public statements. The incident underscored operational disruptions for AllOne Health, including the diversion of resources to investigate the breach, coordinate with law enforcement, and manage consumer notifications. The breach letters aimed to inform affected individuals of the exposure of their data but did not specify whether AllOne Health offered complementary credit monitoring or identity theft protection services in response.