A cyber-attack on the vendor of a network of dental tactics could have exposed the information of tens of thousands of individuals.
A cyber-criminal applied a phishing attack to acquire obtain to the personal computer devices of North American Dental Management between March 31 and April 1, 2021. Pittsburgh-dependent North American Dental Administration gives administrative and technology assistance providers for Professional Dental Alliance (PDA) offices.
Following the security breach, PDA notified people that an unauthorized personal may have accessed some of their protected overall health data (PHI).
The facts that may have been exposed was saved in email accounts that the attacker was ready to breach.
“Experienced Dental Alliance (‘PDA’) was not too long ago notified that a few email accounts of its vendor, North American Dental Administration, made up of some minimal affected individual facts ended up accessed by an unauthorized person in between March 31 and April 1, 2021, as the outcome of an email phishing incident,” mentioned PDA affiliate Grove Dental Associates in a data breach notice published on its website.
“At this time, the identity of some people is identified, but the vendor’s investigation is ongoing.”
Soon after getting the breach, North American Dental Administration took measures to secure the compromised email accounts and launched an investigation.
PDA said that it experienced not found any evidence of any real misuse of personalized info and that its investigation of the make any difference suggests that the attack was constrained to email credential harvesting.
The threat actor did not accessibility PDA’s patient electronic dental document or dental photographs nevertheless, the Alliance discovered that some delicate own info may well have been current in the compromised email accounts.
Grove Dental Associates claimed: “The full extent of the probably afflicted particular data is not nevertheless recognized and will vary amongst persons, but it may perhaps incorporate the following: title, address, email deal with, phone variety, dental facts, insurance policy data, Social Security Range, and/or financial account quantities.”
The breach was reported to the DHS’s Business for Civil Rights as impacting 125,760 patients in Connecticut, Florida, Georgia, Illinois, Indiana, Massachusetts, Michigan, New York, Texas, and Tennessee.
PDA is providing complimentary credit history checking and identity theft providers for two a long time for probably impacted clients.
Some sections of this article are sourced from: