PEAHC
Company Details
Linkedin ID:
all-points-eap-organizational-services
Website:
Employees number:
3
Number of followers:
103
NAICS:
62133
Industry Type:
Homepage:
mylifeexpert.com
IP Addresses:
0
Company ID:
ALL_9176285
Scan Status:
In-progress
All Points EAP, an AllOne Health Company Company CyberSecurity Posture
mylifeexpert.com
All Points EAP & Organizational Services, LLC is a subsidiary of AllOne Health and provides a wide range of assistance services such as medical advocacy, personal concierge, mental health counseling as well as life, career and wellness coaching. All services are supported by 24/7 telephonic counselling, mobile app with chat capabilities and video counseling by licensed counselors. Our EAP services help improve employee wellness, increase productivity, enhance retention and balance work life in the Central Virginia region.
All Points EAP, an AllOne Health Company A.I CyberSecurity Scoring
PEAHC Risk Score (AI oriented)Between 750 and 799
PEAHC
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
PEAHC Global Score (TPRM)XXXX
PEAHC
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
PEAHC Company CyberSecurity News & History
Past Incidents
2
Attack Types
1
AllOne Health
Breach
Rankiteo Explanation
Attack threatening the organization's existence
Description: AllOne Health Resources, Inc. experienced a data breach after an unauthorized party gained access to sensitive consumer data contained on AllOne Health’s network. AllOne had accidentally wired money to a fraudulent bank account because of this incident. According to the reports, the unauthorized party had gained access to an employee’s email account, which they used to perpetrate the fraud. The breach resulted in the names, addresses, dates of birth, driver’s license numbers, Social Security numbers, and health information of 13,669 individuals. The company investigated the incident and reviewed all emails and attachments in the compromised email account.
AllOne Health
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The California Office of the Attorney General reported a data breach involving AllOne Health on July 20, 2022. The breach, which occurred between September 1, 2021, and March 24, 2022, involved unauthorized access to an employee's email account, potentially affecting personal information such as names, addresses, dates of birth, driver’s license numbers, and Social Security numbers.
PEAHC Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for PEAHC
Incidents vs Mental Health Care Industry Average (This Year)
No incidents recorded for All Points EAP, an AllOne Health Company in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for All Points EAP, an AllOne Health Company in 2026.
Incident Types PEAHC vs Mental Health Care Industry Avg (This Year)
No incidents recorded for All Points EAP, an AllOne Health Company in 2026.
Incident History — PEAHC (X = Date, Y = Severity)
PEAHC cyber incidents detection timeline including parent company and subsidiaries
PEAHC Company Subsidiaries
All Points EAP & Organizational Services, LLC is a subsidiary of AllOne Health and provides a wide range of assistance services such as medical advocacy, personal concierge, mental health counseling as well as life, career and wellness coaching. All services are supported by 24/7 telephonic counselling, mobile app with chat capabilities and video counseling by licensed counselors. Our EAP services help improve employee wellness, increase productivity, enhance retention and balance work life in the Central Virginia region.
Loading...
PEAHC Similar Companies
Sexual Assault Center
Mission: To provide healing for children, adults and families affected by sexual assault and to end sexual violence through counseling, education and advocacy. The Sexual Assault Center is dedicated to fighting the epidemic of sexual violence and its effects on the individuals and families affect
CUSP, LLC
We routinely collaborate with parents, teachers, teacher aides, behavioral therapists, speech and language pathologists, occupational therapists, psychologists and other professionals who provide services to children diagnosed with autism and related disabilities. These professionals often ask
The Rock HHC
together, we can make a difference! We offer both PCA traditional & choice programs WE WORK FOR YOU! Choosing the right Company to help you with your personal care needs is not to be taken lightly. There are differences in companies. While some simply write the paychecks, we take the time to pers
Blue Water Counseling
Blue Water Counseling has quietly been helping adults and children and their families find solutions to life's problems since 1950. Located in Fort Gratiot , Michigan, Blue Water Counseling is the source of the area's most trusted counselors. Professional counselors, social workers, psychologists a
Choices Counseling & Skills Center
We offer practical approaches and expert tools for healing and personal development. Our mission: We seek to serve the community by offering high quality programs for mental health and personal growth across the life span. We also offer professional training and support for others in the mental heal
River Place Behavioral Health Hospital
River Place Behavioral Health is an 82-bed acute psychiatric hospital that is being developed to serve adults in the the greater New Orleans metropolitan area. The new facility, which will be built in LaPlace, Louisiana, is slated to open in 2018 as a joint venture between Ochsner Health System and
Trumpet Behavioral Health
Trumpet Behavioral Health (Trumpet) is a leading provider of behavioral health services. We specialize in the treatment of children and adults with Autism Spectrum Disorders and developmental disabilities, using the principles of Applied Behavior Analysis (ABA). TBH is proud to employ a talented st
Cove Forge Behavioral Health Center
Cove Forge Behavioral Health is located in Williamsburg, Pennsylvania. Our treatment center offers services to adults battling with addiction and co-occurring conditions. At our center, we provide treatment for those addicted to substances such as alcohol, heroin, prescription drugs, cocaine, meth,
The San Francisco Marriage and Couples Center
Our mission is to provide affordable accessible mental health care services and resources for various race, gender, and socio-economic backgrounds. The San Francisco Marriage and Couples Center was founded in 2013. Our organization provides professional health care services with an emphasis and foc
.png)
PEAHC CyberSecurity News
January 23, 2026 11:00 PM
How Does A Phishing Email Work? ⚠️ Ever wondered what happens if you click a phishing email? In this short guide, we explain how phishing works, show real phishing attack examples, and teach you how to identify phishing emails before it’s too late. Lear
January 23, 2026 10:56 PM
CISA to cease participation at RSAC conference after Biden-era cyber leader named CEO
The decision, which has been in motion over the last week, highlights the Trump administration's push to strictly control how current...
January 23, 2026 10:21 PM
UK financial sector cybersecurity review reveals persistent weaknesses
The UK's annual cybersecurity review for 2025 indicates that financial organizations continue to struggle with basic cybersecurity...
January 23, 2026 10:12 PM
UK cyber tests show banks' struggle with basic hygiene
The UK conducted simulated cybersecurity attacks on its banks' live systems and found they lack basic patching and identity controls.
January 23, 2026 09:48 PM
Data Deletion: Why Erasing Your Information Matters More Than Ever
Data deletion is a great way to reduce your digital footprint and lower the risk of cybercrime – here's a guide to deleting your data...
January 23, 2026 09:34 PM
The Wrap: CISA’s PQC List Is Here; FedRAMP Cybersecurity Service; TSA, CBP Face the Future
January 23, 2026 09:15 PM
Identity Theft Awareness Week Jan. 26–30: What ACA Members Should Know
The week features free webinars, podcasts, Facebook Live interviews and other events on identity theft trends that can help collectors stay...
January 23, 2026 08:41 PM
OpenAI's upcoming Codex update will hit the company's "High" cybersecurity risk level for the first time
OpenAI is releasing new Codex features that hit the "High" cybersecurity risk level in its own framework, meaning the model can now remove...
January 23, 2026 07:23 PM
NHS England Probe Suppliers for Cybersecurity Controls
The National Health Service in England will reach out directly to suppliers to ensure they implement proactive and robust cybersecurity risk...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
PEAHC CyberSecurity History Information
Official Website of All Points EAP, an AllOne Health Company
The official website of All Points EAP, an AllOne Health Company is http://www.allpointseap.org/.
All Points EAP, an AllOne Health Company’s AI-Generated Cybersecurity Score
According to Rankiteo, All Points EAP, an AllOne Health Company’s AI-generated cybersecurity score is 753, reflecting their Fair security posture.
How many security badges does All Points EAP, an AllOne Health Company’ have ?
According to Rankiteo, All Points EAP, an AllOne Health Company currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has All Points EAP, an AllOne Health Company been affected by any supply chain cyber incidents ?
According to Rankiteo, All Points EAP, an AllOne Health Company has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does All Points EAP, an AllOne Health Company have SOC 2 Type 1 certification ?
According to Rankiteo, All Points EAP, an AllOne Health Company is not certified under SOC 2 Type 1.
Does All Points EAP, an AllOne Health Company have SOC 2 Type 2 certification ?
According to Rankiteo, All Points EAP, an AllOne Health Company does not hold a SOC 2 Type 2 certification.
Does All Points EAP, an AllOne Health Company comply with GDPR ?
According to Rankiteo, All Points EAP, an AllOne Health Company is not listed as GDPR compliant.
Does All Points EAP, an AllOne Health Company have PCI DSS certification ?
According to Rankiteo, All Points EAP, an AllOne Health Company does not currently maintain PCI DSS compliance.
Does All Points EAP, an AllOne Health Company comply with HIPAA ?
According to Rankiteo, All Points EAP, an AllOne Health Company is not compliant with HIPAA regulations.
Does All Points EAP, an AllOne Health Company have ISO 27001 certification ?
According to Rankiteo,All Points EAP, an AllOne Health Company is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of All Points EAP, an AllOne Health Company
All Points EAP, an AllOne Health Company operates primarily in the Mental Health Care industry.
Number of Employees at All Points EAP, an AllOne Health Company
All Points EAP, an AllOne Health Company employs approximately 3 people worldwide.
Subsidiaries Owned by All Points EAP, an AllOne Health Company
All Points EAP, an AllOne Health Company presently has no subsidiaries across any sectors.
All Points EAP, an AllOne Health Company’s LinkedIn Followers
All Points EAP, an AllOne Health Company’s official LinkedIn profile has approximately 103 followers.
NAICS Classification of All Points EAP, an AllOne Health Company
All Points EAP, an AllOne Health Company is classified under the NAICS code 62133, which corresponds to Offices of Mental Health Practitioners (except Physicians).
All Points EAP, an AllOne Health Company’s Presence on Crunchbase
No, All Points EAP, an AllOne Health Company does not have a profile on Crunchbase.
All Points EAP, an AllOne Health Company’s Presence on LinkedIn
Yes, All Points EAP, an AllOne Health Company maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/all-points-eap-organizational-services.
Cybersecurity Incidents Involving All Points EAP, an AllOne Health Company
As of January 24, 2026, Rankiteo reports that All Points EAP, an AllOne Health Company has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
All Points EAP, an AllOne Health Company has an estimated 5,279 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at All Points EAP, an AllOne Health Company ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
Title: Data Breach at AllOne Health Resources, Inc.
Description: AllOne Health Resources, Inc. experienced a data breach after an unauthorized party gained access to sensitive consumer data contained on AllOne Health’s network. The unauthorized party had gained access to an employee’s email account, which they used to perpetrate fraud. The breach resulted in the names, addresses, dates of birth, driver’s license numbers, Social Security numbers, and health information of 13,669 individuals being compromised.
Type: Data Breach
Attack Vector: Email Account Compromise
Vulnerability Exploited: Unauthorized access to an employee’s email account
Motivation: Fraud
Title: Data Breach at AllOne Health
Description: The California Office of the Attorney General reported a data breach involving AllOne Health on July 20, 2022. The breach, which occurred between September 1, 2021, and March 24, 2022, involved unauthorized access to an employee's email account, potentially affecting personal information such as names, addresses, dates of birth, driver’s license numbers, and Social Security numbers.
Date Detected: 2022-07-20
Date Publicly Disclosed: 2022-07-20
Type: Data Breach
Attack Vector: Unauthorized Access to Email Account
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Email Account Compromise and Email Account.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach ALL23823722
Data Compromised: Names, Addresses, Dates of birth, Driver’s license numbers, Social security numbers, Health information
Incident : Data Breach ALL100072925
Data Compromised: Names, Addresses, Dates of birth, Driver’s license numbers, Social security numbers
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Addresses, Dates Of Birth, Driver’S License Numbers, Social Security Numbers, Health Information, , Names, Addresses, Dates Of Birth, Driver’S License Numbers, Social Security Numbers and .
Which entities were affected by each incident ?
Incident : Data Breach ALL23823722
Entity Name: AllOne Health Resources, Inc.
Entity Type: Company
Industry: Healthcare
Customers Affected: 13669
Incident : Data Breach ALL100072925
Entity Name: AllOne Health
Entity Type: Healthcare
Industry: Healthcare
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach ALL23823722
Type of Data Compromised: Names, Addresses, Dates of birth, Driver’s license numbers, Social security numbers, Health information
Number of Records Exposed: 13669
Sensitivity of Data: High
Incident : Data Breach ALL100072925
Type of Data Compromised: Names, Addresses, Dates of birth, Driver’s license numbers, Social security numbers
Sensitivity of Data: High
References
Where can I find more information about each incident ?
Incident : Data Breach ALL100072925
Source: California Office of the Attorney General
Date Accessed: 2022-07-20
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney GeneralDate Accessed: 2022-07-20.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach ALL23823722
Entry Point: Email Account Compromise
Incident : Data Breach ALL100072925
Entry Point: Email Account
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2022-07-20.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2022-07-20.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were names, addresses, dates of birth, driver’s license numbers, Social Security numbers, health information, , names, addresses, dates of birth, driver’s license numbers, Social Security numbers and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were driver’s license numbers, addresses, dates of birth, names, Social Security numbers and health information.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 205.0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Office of the Attorney General.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker were an Email Account and Email Account Compromise.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Description
Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
Azure Entra ID Elevation of Privilege Vulnerability
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Description
Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured with the "ldap" component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used to determine whether or not a search was successful, allowing for brute force methods to discover LDAP entries on the server such as user IDs and user attributes. This issue has been fixed in version 0.10.0.
Risk Information
cvss4
Base: 2.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManager fails to sanitize the filenames of uploaded backups. The system persists user-uploaded files directly to the host filesystem using the raw originalname provided in the request. This allows an attacker to stage a file containing shell metacharacters (e.g., $(id).tar.gz) at a predictable path, which is later referenced during the restore process. The successful storage of the file is what allows the subsequent restore command to reference and execute it. This issue has been fixed in version 4.7.0.
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=all-points-eap-organizational-services' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
