iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The largest dental insurer in the US has written data breach notices to 8.9 million customers after it detected and investigated unauthorised access to its systems.
MCNA Dental sent the letters out on 26 May to 8,923,662, informing the recipients that a wide range of their personal data may have been compromised. The data affected includes names and addresses, Social Security numbers, driver’s licence details, government IDs, health insurance information, and dental care records.
However, MCNA believes that not everyone affected by the breach had all of the above data stolen. “Not all data elements were involved for all individuals,” the notice read.
The breach occurred between 26 February 2023 and 7 March, with an investigation into the incident beginning on 6 March, when the unauthorised access was first detected. MCNA hired a third-party forensics firm to assist in the investigation and mitigation of the incident, which concluded on 3 May, which was when the company learnt the full extent of the data that had been accessed and exfiltrated.
“MCNA takes privacy and security very seriously,” MCNA said in the notice, which was shared with the Office of the Maine Attorney-General. “As soon as we discovered the incident, we promptly launched a forensic investigation, took steps to mitigate and remediate the incident and to help prevent further unauthorised activity, and contacted law enforcement. In response to this incident, we have enhanced our security controls and monitoring practices as appropriate to minimise the risk of any similar incident in the future.”
MCNA has offered victims of the breach between one and two years’ worth of credit and identity monitoring.
By MCNA’s own reporting, the company currently serves “over 5 million children and adults”, so it is very likely some of the data is historical in nature.
While MCNA did not report the threat actor behind the incident, the LockBit ransomware group posted more details of the attack on its own dark website. It included sample data as well and confirmed that it was asking for a US$10 million ransom payment.
However, it does appear that MCNA has not paid — the full dataset was published by LockBit on 7 April.
This year, LockBit has been behind a number of high-profile ransomware attacks, with targets including the United Kingdom’s Royal Mail and financial firm the ION Group. LockBit has been in operation in one form or another since September 2019 and is thought to be based in Russia.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
