American Dental Association Falls Victim to a New Type of Ransomware

Last Friday, the ADA (American Dental Association) was hit by a cyberattack. The attack forced the ADA to shut down portions of their network to investigate the root cause, which affected telephones, email, online services, and web chat functionalities.

You may know of the ADA without realizing it. For example, the ADA Accepted seal that resides on most oral hygiene products (toothpaste, toothbrushes, floss) is a marker that the product is safe to use and contributes to standard oral health. The ADA is a dentist and oral hygiene advocacy association that provides workshops, courses, and training opportunities to 175,000 members nationwide.

Taking systems offline also affected the ADAs store, catalog, due pages, registration pages, credentialing service, and practice transitions pages. In addition, the ADA moved to use Gmail addresses while their official ADA email system was down.

What’s this new ransomware?

The culprit behind the attack was a new type of ransomware called Black Basta. As a result of the attack, the Black Basta gang leaked ADA’s sensitive information. On the data leak site, it claims to have leaked around 2.8 GB of data, accounting for about 30% of the data taken during the attack. Sensitive data includes NDAs, W2 forms, information on ADA members, accounting spreadsheets, and more.

Of particular note is the leaking of dentists’ information from small clinics, many of which do not have security protocols to protect their data, including an IT security team. Because of this, these dentists’ information is much less secure than those of larger organizations with a substantial IT budget and plan. 

Following the attack, the official recommendation is for ADA members to remain vigilant to targeted spear-phishing emails (due to leaked information) that attempt to steal login credentials or other sensitive information. They also recommend that dental practices remain vigilant to remote desktop services or other entry points that might expose them to further attacks .

PK Tech has an extensive history of working in the dental industry, supporting clinics of various sizes in the Greater Phoenix Area. If you are a dental clinic or organization looking for IT support, let’s chat. Get in touch with our team here.