One Point HR Solutions

One Point HR Solutions, a Kentucky-based staffing provider, experienced a significant data breach affecting nearly 23,000 current and former employees. The incident exposed sensitive personal and financial information, including government ID numbers, usernames, passwords, and payment card details. Initially, the company faced a class-action lawsuit alleging negligence, breach of implied contract, and invasion of privacy, with three named plaintiffs successfully overcoming a motion to dismiss. However, the case was later withdrawn following an agreement between the parties.The breach compromised critical employee data, raising concerns over identity theft, financial fraud, and unauthorized access to personal accounts. While the legal action was dropped, the exposure of such sensitive information—particularly government-issued IDs and payment data—poses long-term risks for affected individuals, including potential misuse in phishing scams, credential stuffing attacks, or financial exploitation. The incident underscores vulnerabilities in the company’s data protection measures, though the full scope of the breach’s aftermath (e.g., fraud incidents or regulatory penalties) remains undisclosed.

Source: https://news.bloomberglaw.com/business-and-practice/one-point-hr-solutions-resolves-employee-data-breach-class-suit

TPRM report: https://www.rankiteo.com/company/onepointhro

"id": "one3402634103025",
"linkid": "onepointhro",
"type": "Breach",
"date": "10/2025",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'customers_affected': '23,000 (current and former '
                                              'employees)',
                        'industry': 'Human Resources / Staffing',
                        'location': 'Kentucky, USA',
                        'name': 'One Point HR Solutions',
                        'type': 'Staffing Provider'}],
 'data_breach': {'number_of_records_exposed': '23,000',
                 'personally_identifiable_information': 'Yes (government IDs, '
                                                        'usernames, passwords)',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['government ID numbers',
                                              'usernames',
                                              'passwords',
                                              'payment card information']},
 'description': 'One Point HR Solutions faced a data breach affecting nearly '
                '23,000 current and former employees, compromising government '
                'ID numbers, usernames, passwords, and payment card '
                'information. A class action lawsuit was initially filed but '
                'later withdrawn after an agreement between the parties.',
 'impact': {'customer_complaints': 'Class action lawsuit filed (later '
                                   'withdrawn)',
            'data_compromised': ['government ID numbers',
                                 'usernames',
                                 'passwords',
                                 'payment card information'],
            'identity_theft_risk': 'High (government IDs, payment card info '
                                   'exposed)',
            'legal_liabilities': 'Class action lawsuit (withdrawn)',
            'payment_information_risk': 'High (payment card information '
                                        'exposed)'},
 'references': [{'source': 'US District Court for the Eastern District of '
                           'Kentucky (case records)'}],
 'regulatory_compliance': {'legal_actions': 'Class action lawsuit (withdrawn)'},
 'title': 'Data Breach at One Point HR Solutions',
 'type': 'Data Breach'}