OneTouchPoint

OneTouchPoint, operating under the alias OneTouchPoint, is a printing and mailing services provider headquartered in the United States of America. The company’s primary market consists of healthcare organizations, including insurance carriers and medical providers, for which it produces and distributes printed communications. Its services involve the handling of protected health information such as names, healthcare member IDs, addresses, dates of birth, diagnoses, medications, provider details, and medical histories. By concentrating on the healthcare sector, OneTouchPoint operates under regulatory requirements that mandate safeguards for personal health data, notably the Health Insurance Portability and Accountability Act (HIPAA). The firm’s core business revolves around the secure creation, processing, and delivery of documents and mailings for its clients. This focus on healthcare‑related printing and mailing distinguishes it from general commercial print providers.

On April 28, 2022, OneTouchPoint suffered a ransomware attack that encrypted files on its systems and subsequently compromised data from at least thirty‑four healthcare organizations. The breach exposed the same types of data that the company routinely processes, comprising personal identifiers and health‑related information. Although OneTouchPoint could not definitively determine which specific files were accessed by the unauthorized actors, several healthcare clients confirmed downstream breaches affecting their members. One affected healthcare entity reported that over 1,400 individuals were impacted by the incident and arranged complimentary credit monitoring services for those individuals. OneTouchPoint did not provide identity theft protection directly, but it notified law enforcement of the attack and cooperated with the investigation. No ransomware group claimed responsibility for the event, which underscored the risks associated with cyber threats to vendors that manage sensitive healthcare data.