Dental Insurance Service Provider Hacked, Exposing Nearly 9 Million Patients
Table of Contents
- By Steven
- Jun 05, 2023
MCNA, a health insurance program service that works with children and Medicaid recipients, was recently the target of a ransomware gang. The company works with millions of patients, dental clinics, dental and orthodontic practices, and more. A huge number of patients entrust their data to this massive organization, and they are now at risk from serious cyber-attacks because of this significant data breach.
How Did the Attack Occur?
On March 6, 2023, MCNA detected something wasn't right with its computer systems. The company noticed a third party was accessing files and tampering with services. As soon as the company noticed issues, it began shutting down services, blocked out the attacker, and brought in a third-party cyber security team to investigate and protect the systems properly. Unfortunately, the attack wasn't noticed until long after it began, and the LockBit ransomware group had already gotten away with a substantial pile of stolen data. The information is leverage for a huge $10 million ransom against MCNA.
What Information Was Viewed or Stolen?
During the breach, mostly healthcare-related information was taken from patients, employees, parents, guardians, and more. Data like Social Security Numbers, health insurance information, dental and orthodontic care data, government ID numbers, and more were taken. All these details are little bits of leverage for the ransomware group, but they are also risks to the safety of patients. If your information is involved in this breach, you're at risk of being hacked, impersonated, and suffering from identity theft and phishing attacks.
How Did MCNA Admit to the Breach?
After determining personal data was involved in its data breach, MCNA sent an official report to the Maine Attorney General's office. Within that notice, an outline of victim information stolen was listed as well as the total number of impacted individuals suspected. With as many as 9 million patients involved in this data attack, there is a lot on the line because of this attack.
What Will Become of the Stolen Information?
We don't know what the ransomware group will do with all the stolen data, but we do know that a small portion of the data was already leaked on the dark web. The remaining data will likely be sold and traded if MCNA doesn't pay the demanded ransom amount. When that data changes hands, it could be used for a range of cyber attacks. Involved individuals may be hit by phishing attacks, identity theft assaults, and so much more. Your credit and finances could take a hit because of this breach.
What Should Affected Parties Do in the Aftermath of the Breach?
If you receive a document from MCNA informing you that you're involved in this breach, you should consider putting a freeze on your credit through each of the major bureaus for the ultimate level of protection. If you don't want to go that far, you could invest in personal identity theft protection services along with credit monitoring protections. You should be taking action to safeguard your credit or you may face attacks and damage in the future.