US dental provider suffers data breach with 9m affected

30 May 2023

Image: © Bits and Splits/Stock.adobe.com

Ransomware gang LockBit has reportedly taken responsibility for the MCNA Dental data breach.

One of the largest dental care and oral health insurance providers in the US has revealed that nearly 9m people were affected by a data breach earlier this year.

Managed Care of North America (MCNA) Dental wrote in a recent announcement that it first became aware of suspicious and unauthorised activity in its systems on 6 March.

The company found that cybercriminals were able to access and make copies of data from MCNA’s records, including customers’ sensitive personal information such as full name, address, date of birth, phone number, email, social security number and health insurance details.

MCNA said that it launched an investigation as soon as it became aware of the breach and hired a team of cybersecurity specialists to help them.

“When we learned about the activity, we immediately began an investigation. Law enforcement was contacted. We are also making our computer systems even stronger than before because we do not want this to happen again,” the company wrote in the notice.

The dental health provider also offered the 8.9m victims (according to a data breach filing) a free subscription to an identity theft protection service for a period of one year.

According to a Bleeping Computer report, ransomware gang LockBit claimed the MCNA cyberattack the day after the breach.

The group reportedly threatened to publish 700GB of sensitive information they allegedly stole from MCNA’s database unless they were paid a ransom of $10m. A month later, LockBit release all the data on its website.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Vish Gain is a journalist with Silicon Republic

editorial@siliconrepublic.com