ONIX Group Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating ONIX Group, LLC regarding its recent data breach. The ONIX Group data breach involved sensitive personal identifiable information and protected health information belonging to an undisclosed number of individuals.


ONIX Group is a multifaceted organization that specializes in commercial real estate investments, management, consulting, and healthcare services. Additionally, ONIX Group owns and operates a collection of eight hotels, representing prominent hospitality franchises such as Hilton, Marriott, IHG, Hyatt and Choice. Founded in 1987, ONIX Group employs over 3,000 individuals and serves over 500,000 hotel customers annually. Headquartered in Kennett Square, Pennsylvania ONIX Group facilitates operations across eight states in the Mid-Atlantic Region and Florida.


On March 27, 2023, ONIX Group discovered that it had experienced a data breach in which the sensitive personal identifiable information and protected health information in its systems may have been accessed and acquired through a ransomware incident that affected its internal systems. Through its investigation, ONIX Group determined that an unauthorized actor may have accessed and acquired this sensitive information between March 20 and March 27, 2023. While much information is still unknown about the breach, ONIX Group recently began contacting individuals whose information may have been impacted. The type of information exposed includes:

  • Name
  • Social Security number
  • Date of birth
  • Medical information (e.g., scheduling, billing, and clinical information)
  • Direct deposit information
  • Health plan enrollment information

If you received a breach notification letter from ONIX Group:

We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at (608) 237-1775 or sam@turkestrauss.com.

If you were impacted by the ONIX Group  data breach, you may consider taking the following steps to protect your personal information.

  1. Carefully review the breach notice and retain a copy;
  2. Enroll in any free credit monitoring services provided by ONIX Group, LLC;
  3. Change passwords and security questions for online accounts;
  4. Regularly review account statements for signs of fraud or unauthorized activity;
  5. Monitor credit reports for signs of identity theft; and
  6. Contact a credit bureau(s) to request a temporary fraud alert.

Share This Post: