A new cyber attack in which they hacked one of America's largest dental health insurers and obtained the personal information of nearly nine million individuals in the United States, by a ransomware gang.
The Atlanta-based dental insurance company said it was compromised last March 6, and later learned that hackers were able to see and take copies of some of the information on the company's computer.
The stolen information includes a range of patients’ personal data, including names, addresses, dates of birth, telephone numbers, email addresses, social security numbers, driver’s licenses and other government-issued identification numbers. Hackers also have access to patient health insurance data, including plan information as well as bill and insurance claim information.
According to the Data Breach Notification submitted to Maine’s Attorney General, the breach impacted over 8.9 million Dental clients. This makes this the biggest breach of health information, following a breach by PharMerica that saw hackers gain access to personal data of nearly 6 million patients.
The compromised dental insurance company said it was reviewed to identify the affected data was completed on May 3—nearly two months after the cyberattack—but did not provide further details about the incident.
The company that claimed responsibility for the breach said it published all the files it obtained from the insurance company. After the company refused to pay $10 million for a ransom.
Leaked data samples indicate that hackers have accessed sensitive information, including patients’ personal data and insurance details.
Ransombands are Russia-related gangs first observed in September 2019. The group has breached a number of high profile victims in recent months, and the gang suffered a setback in November when one of its alleged leaders, a dual Russian-Canadian national named Mikhail Vasilyev, was arrested in Canada.
