Omni Family Health, operating 39 community health centers across Central Valley (Kern, Kings, Tulare, and Fresno counties), suffered a cyberattack in February 2024 that disrupted IT systems for five days. Initially, no evidence of data compromise was found, but a threat actor later leaked allegedly stolen data on the dark web. Omni confirmed the breach, exposing 468,344 individuals' sensitive information—including names, addresses, Social Security numbers, dates of birth, health insurance details, and medical records—affecting both patients and employees (current/former).The incident led to 21 consolidated class-action lawsuits, resulting in a $6.5 million settlement (including $2.2M for legal fees, $30K for plaintiffs, and reimbursements/credit monitoring for victims). Omni denied liability but agreed to enhance security measures to prevent future breaches. The exposed data poses risks of identity theft, fraud, and financial/reputational harm, with affected individuals eligible for compensation (up to $5,000 for losses, $105.56 pro rata payments, and two years of credit monitoring). California residents receive an additional $100 award.
Omni Family Health cybersecurity rating report: https://www.rankiteo.com/company/omni-family-health
"id": "OMN03103103112525",
"linkid": "omni-family-health",
"type": "Cyber Attack",
"date": "2/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': '468,344 (patients and '
'employees)',
'industry': 'healthcare',
'location': ['Kern County, CA',
'Kings County, CA',
'Tulare County, CA',
'Fresno County, CA'],
'name': 'Omni Family Health',
'size': '39 community health centers',
'type': 'healthcare provider'}],
'customer_advisories': 'Eligible individuals can file claims for '
'reimbursement (up to $5,000), cash payments '
'(~$105.56), credit monitoring (2 years), and '
'additional $100 for California residents. Claims due '
'by 2026-01-05.',
'data_breach': {'data_exfiltration': 'Yes (data posted on dark web)',
'number_of_records_exposed': '468,344',
'personally_identifiable_information': 'Yes (names, '
'addresses, SSNs, '
'dates of birth)',
'sensitivity_of_data': 'High (includes SSNs, medical records)',
'type_of_data_compromised': ['PII',
'PHI (Protected Health '
'Information)',
'medical records',
'health insurance details']},
'date_detected': '2024-02-01',
'date_publicly_disclosed': '2024-10-10',
'description': 'A cyberattack on Omni Family Health in February 2024 '
'disrupted IT systems for five days and exposed the data of '
'over 468,000 patients and employees. The breach included '
'sensitive information such as names, addresses, Social '
'Security numbers, dates of birth, health insurance details, '
'and medical records. A threat actor later posted the stolen '
'data on the dark web, leading to a $6.5 million class-action '
'settlement.',
'impact': {'brand_reputation_impact': 'Significant (public disclosure, '
'lawsuits, settlement)',
'customer_complaints': '21 class-action lawsuits filed',
'data_compromised': ['names',
'addresses',
'Social Security numbers',
'dates of birth',
'health insurance details',
'medical records'],
'downtime': '5 days',
'financial_loss': '$6.5 million (settlement)',
'identity_theft_risk': 'High (PII and medical records exposed)',
'legal_liabilities': '$6.5 million settlement (including $2.2M '
'attorney fees, $30K class representative '
'awards, and compensation for affected '
'individuals)',
'operational_impact': 'Disruption of health services across 39 '
'clinics',
'systems_affected': 'IT systems (5-day disruption)'},
'initial_access_broker': {'data_sold_on_dark_web': 'Yes',
'high_value_targets': ['patient data',
'employee data']},
'investigation_status': 'Completed (settlement reached, but Omni denies '
'wrongdoing)',
'motivation': ['financial gain', 'data theft'],
'post_incident_analysis': {'corrective_actions': ['Enhanced security '
'practices',
'Settlement terms '
'(compensation, credit '
'monitoring)']},
'ransomware': {'data_exfiltration': 'Yes (data posted on dark web)'},
'recommendations': ['Enhance cybersecurity measures',
'Implement stronger data protection protocols',
'Regular audits and monitoring',
'Employee training on cybersecurity best practices'],
'references': [{'source': 'The HIPAA Journal'},
{'source': 'Class-action lawsuit settlement notice (Pace v. '
'Omni Family Health)'}],
'regulatory_compliance': {'legal_actions': '21 class-action lawsuits '
'consolidated into Pace v. Omni '
'Family Health (Superior Court of '
'Kern County)',
'regulations_violated': ['HIPAA (likely)',
'California consumer '
'protection laws']},
'response': {'communication_strategy': 'Public disclosure on 2024-10-10, '
'notification to 468,344 affected '
'individuals',
'enhanced_monitoring': 'Committed to enhancing security '
'practices',
'incident_response_plan_activated': 'Yes (investigation '
'conducted, but initial '
'findings were later '
'contradicted)',
'remediation_measures': 'Enhanced security practices '
"(post-settlement, at Omni's own cost)"},
'stakeholder_advisories': 'Notification sent to 468,344 affected individuals '
'on 2024-10-10',
'title': 'Omni Family Health Cyberattack and Data Breach (2024)',
'type': ['cyberattack', 'data breach', 'ransomware (unconfirmed)']}