A cyber-attack on the vendor of a network of dental practices may have exposed the knowledge of tens of 1000’s of sufferers.
A cyber-legal used a phishing attack to achieve entry to the computer system systems of North American Dental Management between March 31 and April 1, 2021. Pittsburgh-primarily based North American Dental Management offers administrative and technology assistance solutions for Professional Dental Alliance (PDA) places of work.
Next the security breach, PDA notified sufferers that an unauthorized personal may perhaps have accessed some of their shielded wellness information (PHI).
The information that may possibly have been exposed was stored in email accounts that the attacker was capable to breach.
“Specialist Dental Alliance (‘PDA’) was a short while ago notified that a couple of email accounts of its vendor, North American Dental Administration, that contains some confined individual information and facts were being accessed by an unauthorized man or woman among March 31 and April 1, 2021, as the result of an email phishing incident,” stated PDA affiliate Grove Dental Associates in a info breach notice published on its web-site.
“At this time, the identification of some people is regarded, but the vendor’s investigation is ongoing.”
Immediately after exploring the breach, North American Dental Management took measures to safe the compromised email accounts and launched an investigation.
PDA said that it had not uncovered any evidence of any precise misuse of personal info and that its investigation of the issue signifies that the attack was restricted to email credential harvesting.
The threat actor did not access PDA’s client electronic dental report or dental photographs even so, the Alliance found that some delicate individual facts may perhaps have been present in the compromised email accounts.
Grove Dental Associates explained: “The entire extent of the likely impacted own information and facts is not nevertheless known and will fluctuate in between folks, but it may possibly include things like the next: identify, address, email handle, phone amount, dental information and facts, insurance plan information, Social Security Selection, and/or economical account quantities.”
The breach was described to the DHS’s Office for Civil Legal rights as impacting 125,760 patients in Connecticut, Florida, Ga, Illinois, Indiana, Massachusetts, Michigan, New York, Texas, and Tennessee.
PDA is supplying complimentary credit score checking and id theft providers for two yrs for potentially influenced people.
Some parts of this article are sourced from:
www.infosecurity-journal.com