OneTouchPoint Facing Class Action Over April 2022 Data Breach Affecting 1M Consumers

New to ClassAction.org? Read our Newswire Disclaimer

OneTouchPoint, Inc. faces a proposed class action over an April 2022 data breach that allegedly exposed consumer information stored by the printing and mailing services provider.

Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s free weekly newsletter here.

The 46-page lawsuit alleges OneTouchPoint, whose customers include health insurance carriers and medical providers, failed to properly safeguard the personal information of over one million consumers. Per the suit, the company has stated that the compromised data may have included consumers’ names, member IDs and information they provided in a health assessment. According to the case, OneTouchPoint obtains this data from the organizations for whom it provides mailing services.

Among OneTouchPoint’s customers are nearly 40 health insurance carriers and medical providers, including Anthem, Blue Cross Blue Shield, Humana and Kaiser Permanente. 

The case alleges that consumers whose information was exposed to unauthorized access now face a heightened risk of identity theft and fraud, which, according to the suit, “will remain for their respective lifetimes.”

The lawsuit relays that OneTouchPoint first learned of the data breach on April 28, 2022, when it discovered encrypted files on certain computer systems. After an investigation, the defendant determined that the servers that were accessed contained consumers’ names, member IDs and “information that may have been provided during a health assessment,” the suit relays.

Although the breach was discovered in late April, OneTouchPoint waited several months, until July 27, to begin notifying those whose information was compromised, the lawsuit contends. Per the case, the defendant delayed sending data breach notices to victims despite being “well aware of the need to move quickly in responding to Data breach events.”

The suit says that because of OneTouchPoint’s “delayed response,” data breach victims “had no idea their Private Information had been compromised,” and were unaware of the “significant risk of identity theft and various other forms of personal, social, and financial harm.” Per the suit, victims whose information was accessed now face “years of constant surveillance” of their personal and financial accounts.

The lawsuit looks to cover all U.S. residents whose private information was actually or potentially accessed or acquired during the data breach referenced in the data breach notice published by OneTouchPoint on or around July 27, 2022.

Are you owed unclaimed settlement money? Check out our class action rebates page full of open class action settlements.