Common Ground Healthcare Cooperative recently informed 133,714 plan members that their data was likely accessed during a hacking incident and subsequent ransomware attack of its mailing vendor, OneTouchPoint.
OTP previously issued a notice on behalf of 30 health plans as impacting 1.07 million individuals. The patients from CGHC and the separate notice from Aetna ACE in Connecticut for 326,278 members brings the total OTP breach tally to over 1.53 million affected individuals.
The hacked servers contained information that varied by patient and could include member names, IDs, dates of birth, contact information, diagnosis codes, description of services and personal information provided during health assessments. For one covered entity, Social Security numbers were included.
OTP has since reported the incident to regulators and law enforcement and is taking steps to bolster its security safeguards, policies, and procedures.