Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.
OneTouchPoint data breach overview:
- Who: Two class action lawsuits were filed the same day against OneTouchPoint, a company that provides marketing services to health and medical providers.
- Why: The plaintiffs say the company was negligent in storing patient data.
- Where: The lawsuits were filed in a Wisconsin federal court.
Two class action lawsuits were filed the same day against OneTouchPoint, a company that provides marketing services to health and medical providers, in the wake of a recent data breach.
Plaintiffs Michael Meeks and Thomas Luca each launched lawsuits against OneTouchPoint, Inc. Aug. 9 in a Wisconsin federal court with both plaintiffs alleging different violations of the law.
Luca alleges negligence and breach of fiduciary duty while Meeks alleges negligence, breach of implied contract, unjust enrichment and invasion of privacy.
The two lawsuits stem from an April data breach that resulted in unauthorized access to patient data, both lawsuits allege.
According to Meeks’ lawsuit, the “targeted cyberattack” affected the data of more than one million people.
“Information compromised in the Data Breach includes names, addresses, member ID numbers, dates of birth and Social Security Numbers and medical and health assessment information, diagnosis codes and description of services,” Meeks states in her OneTouchPoint data breach class action.
OneTouchPoint cyberattack class actions allege OneTouchPoint negligent with patient data
OneTouchPoint is a health care provider vendor that provides printing and mailing marketing services to various health insurance carriers and medical providers.
To provide these services, OneTouchPoint obtains patient data from about 34 healthcare providers, Luca’s OneTouchPoint cyberattack lawsuit says.
However, as a “direct and proximate result of OneTouchPoint’s inadequate data security” and its breach of its duty to handle patient data with reasonable care, hackers were able to access the information and expose it to an “untold number” of unauthorized individuals, Luca alleges.
Despite the fact that OneTouchPoint became aware of the breach by April 28, it failed to notify victims within 60 days, as required by law, the OneTouchPoint cyberattack class actions state.
Luca and Meeks are both looking to represent anyone in the United States whose information was compromised in the OneTouchPoint data breach.
They each seek certification of the class action, damages, fees, costs and a jury trial.
In related data breach news, the Office of Personnel Management (OPM) and its contractor Peraton have agreed to pay $63 million to settle a data breach class action lawsuit.
The settlement benefits consumers who suffered losses in connection to the Office of Personnel Management’s 2014 and 2015 cyber attacks or Peraton’s 2013 and 2014 cyber attacks.
Were you impacted by the OneTouchPoint data breach? Let us know your experience in the comments!
Meeks is represented by Joseph M. Lyon of The Lyon Firm, LLC and Terence R. Coates and Jonathan T. Deters of Markovits, Stock & Demarco, LLC.
Luca is represented by Gary F. Lynch, Nicholas A. Colella and Hannah Barnett of Lynch Carpenter, LLP.
The OneTouchPoint Luca class action lawsuit is Thomas Luca v. OneTouchPoint, Inc., Case No. 2:22-cv-00912, in the U.S. District Court for the Eastern District of Wisconsin.
The OneTouchPoint Meeks class action lawsuit is Michael Meeks v. OneTouchPoint, Inc., Case No. 2:22-cv-00910, in the U.S. District Court for the Eastern District of Wisconsin.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
92 thoughts onOneTouchPoint data breach class actions allege cyberattack affected over 1M patients
I also received a letter from OneTouchPoint. Letter dated, 8/12/2022, postage dated 8/22/2022.
I have received an over abundance amount of phone calls from various organizations, an enormous amount of junk mail daily. Extremely frustrating with the entire process, and would like to be notified of anything pertaining to this!
I retired this year to avoid stress due to high blood pressure, this kind of stress is worse than my job was!!!
Add me
My daughter and I got the same letter. I called touch point spoke with them told me it was from anthem. I called them and there was nothing I could do. In fact they are still using the company. What’s wrong with that my information was exposed. And they are not offering anything 😞
I received a letter from OTP dated 8/2/22 stating what happened on 4/28/22. OTP determined that the following information related to me was present on the impacted OTP servers which contains my name, address, date of birth, member ID number, Social Security number, description of service, date of service and diagnosis codes. They did not offer to provide me with one year of free credit monitoring and suggested to monitor free credit reports for suspicious activity. All of my personal info was exposed and I would like to know how I can file a claim. Thank you!
Same situation as me but just today I have received over 100 inquiries about loan approvals. I have NEVER REQUESTED THIS. And now my credit have been greatly effected
I received a notice also
I received a letter also an what’s next??
I receive a letter from OneTouchPoint dated 8/12/22, however, I didn’t receive the letter until 8/29/22! When I read the letter I was very upset, why was I not notified earlier. The letter stated that my name address, a unique ID and plan name was involved, but my SS# and financial information were not impacted by this event. On the other hand, I was sent Steps You Can Take to Help Protect Personal Information mentioning monitoring my account, placing a fraud alert or credit freeze on credit report. Should I believe them? They didn’t say we will pay for one year of credit report monitoring or anything like that..supposedly I have no worries because my SS# and financial info was not compromised. But this entire situation just seems like another issue to stress me out. I have already requested a fraud alert be placed on my credit file–this whole situation is frustrating. Hopefully, I really have nothing to worry about, but I am still concerned. Please let me know if I am eligible to participate in the lawsuit.
I recieved a letter on Aug 22, 2022. I didn’t really start thinking of the negligence and the full scope of danger until now. They said the breach happened in April I believe, so why wait so long to notify people? Everyone has a right to secure private health information!
I received a letter from One Touch point skating a security brakes the letter dated August 12th I did not receive the letter until August 25th it states that my information was on the server that was reached it provides my ID number my name my address and TI claim number dental service claims received process dates total amount paid interest amount and plain name social security number and finance information we’re not impacted by this event if undiscovery and immediately commenced an investigation but I was not notified until $120 days later I have not checked to see anything on my credit report that I have been receiving emails from the Medicare and I’m on Medicaid have been since 2010 I’m getting emails with different links but I will not open them I’m getting emails from lending companies that I’ve never heard of I will fill out the information below and hope to hear from you soon would like to get on this class action lawsuit and we both make money
Upon reading this letter in states that OTP is unable to determine what specific files are unauthorized action viewed within their Network or two people by the summer of investigation to business customers beginning June 3rd they determine that the impact of system contain certain information related to me that unable to say definitively if my information was accessed by the international but they’re notifying me of the event in the abundance of caution on tpcs no evidence of misuse on any information related to this incident our business customer will not impacted by this incident coming the following information related to me was present on the impacted server and goes on to state that my social security number and finance financial information was not impacted up on Discovery investigation to confirm the nature and scope of an instance that report against this law enforcement and taking steps implement industrial safeguard they encourage me to remain vigilant against about identity theft fraud by reviewing my account statements and monitoring through credit report should I feel necessary steps I should take to protect my information so and one section of letter they don’t know what information was taken and then in the next paragraph they’re stating that my social security number and financial information so I have to worry for the rest of my life if my information is going to be sold to the dark web I’ll be put on Cyber scam whatever it is and I have to watch my report for the rest of my life wondering if I’m going to be impacted
I received a letter from One Touch Point dated 08/26/2022 but I didn’t receive it until around 09/03/2022. This letter states : OTP DETERMINED THAT THE FOLLOWING INFORMATION RELATED TO YOU WAS PRESENT ON THE IMPACTED FILES; YOUR NAME AND SSN AND FINANCIAL ACCOUNT INFORMATION… I would like to know more about joining this lawsuit because ALL of my personal information is within the breached files. Please contact me