Cybersecurity Data Breach Puts Over One Million Dental Patients at Risk
The dental industry is one of the latest industries under attack from dire cybercriminals, with many crooks taking advantage of weaknesses exposed...
1 min read
Megan Schutz May 5, 2022
Last Friday, the ADA (American Dental Association) was hit by a cyberattack. The attack forced the ADA to shut down portions of their network to investigate the root cause, which affected telephones, email, online services, and web chat functionalities.
You may know of the ADA without realizing it. For example, the ADA Accepted seal that resides on most oral hygiene products (toothpaste, toothbrushes, floss) is a marker that the product is safe to use and contributes to standard oral health. The ADA is a dentist and oral hygiene advocacy association that provides workshops, courses, and training opportunities to 175,000 members nationwide.
Taking systems offline also affected the ADAs store, catalog, due pages, registration pages, credentialing service, and practice transitions pages. In addition, the ADA moved to use Gmail addresses while their official ADA email system was down.
The culprit behind the attack was a new type of ransomware called Black Basta. As a result of the attack, the Black Basta gang leaked ADA’s sensitive information. On the data leak site, it claims to have leaked around 2.8 GB of data, accounting for about 30% of the data taken during the attack. Sensitive data includes NDAs, W2 forms, information on ADA members, accounting spreadsheets, and more.
Of particular note is the leaking of dentists’ information from small clinics, many of which do not have security protocols to protect their data, including an IT security team. Because of this, these dentists’ information is much less secure than those of larger organizations with a substantial IT budget and plan.
Following the attack, the official recommendation is for ADA members to remain vigilant to targeted spear-phishing emails (due to leaked information) that attempt to steal login credentials or other sensitive information. They also recommend that dental practices remain vigilant to remote desktop services or other entry points that might expose them to further attacks .
PK Tech has an extensive history of working in the dental industry, supporting clinics of various sizes in the Greater Phoenix Area. If you are a dental clinic or organization looking for IT support, let’s chat. Get in touch with our team here.
The dental industry is one of the latest industries under attack from dire cybercriminals, with many crooks taking advantage of weaknesses exposed...
Among the large variety of industries we currently work with and have worked with in the past, we have helped several dental practices set up proper...
Microsoft just released their Minimum Hardware Requirements, which states that Windows 10 version 2004 will no longer include 32-bit builds for OEM...