An information breach at dental advantages administration firm DentaQuest reportedly uncovered delicate information from 2.6 million accounts.
The safety incident got here to gentle final month when the infamous extortion group ShinyHunters listed the corporate on a knowledge breach web site and claimed to have stolen over 234 GB of knowledge.
The information was publicly leaked after the attackers stated they failed to succeed in an settlement with the corporate.
DentaQuest, a part of Solar Life, is likely one of the largest dental profit administration corporations in the USA. We handle Medicaid packages, Medicare Benefit plans, and dental insurance coverage and supplier networks for employers, well being plans, and particular person prospects.
The corporate says it serves 35 million prospects, operates packages in 50 states, and has a community of 140,000 dentists and dental professionals.
DentaQuest confirmed on its web site on June 2 that its community had been breached and that the incident had precipitated “restricted disruption” to customer support.
“DentaQuest actively manages cybersecurity incidents involving unauthorized entry to restricted parts of our community,” the assertion reads.
“As soon as we found the preliminary incident, we took speedy steps to guard the surroundings, include the assault, and mitigate the risk.”
“Our methods stay totally operational and we proceed to serve our shoppers with minimal disruption.”
The corporate additionally stated it has employed outdoors specialists to help with the investigation and establish the compromised information.
Yesterday, information breach alert service Have I Been Pwned (HIBP) analyzed the leak and located it contained data from 2.6 million accounts. Particularly, the leaked dataset uncovered:
- e-mail deal with
- full identify
- phone quantity
- Authorities-issued ID
- Medical health insurance data
- intercourse
- date of start
Though DentaQuest’s assertion didn’t verify that the info breach affected any of its shoppers, HIBP is understood to make use of a number of verification strategies to confirm leaked datasets.
HIBP additionally stated that roughly 66% of the breached data have been in its database from previous incidents that affected different organizations and companies.
Anybody whose data could have been compromised on this incident ought to concentrate on all incoming communications as compromised information will increase the danger of social engineering and phishing assaults.
Safety groups doc 54% of profitable assaults and concern a warning on solely 14%. The remainder strikes invisibly by the surroundings.
Picus’ whitepaper exhibits the way to take a look at your SIEM and EDR guidelines in breach and assault simulations to make sure threats go undetected.
Get the white paper
