Managed Care of North America (MCNA) Dental is the largest dental insurer in the US for state-sponsored Medicaid and CHIP programs.
Nearly 9 million patients of Managed Care of North America (MCNA) Dental had their personal data stolen by ransomware gang LockBit.
In a notification(Opens in a new window) published on its website, MCNA Dental said it became aware of unauthorized activity on its computer system on March 6, 2023, and later learned that hackers had been stealing private patient information from Feb. 26, 2023 to March 7, 2023.
As Bleeping Computer notes(Opens in a new window), the health provider is the largest dental insurer in the US for state-sponsored Medicaid and CHIP programs, and has been in operation for over 25 years.
Stolen information includes the first and last name, address, date of birth, phone number and email of its patients, as well as government information like Social Security and driver's license numbers. Maine's attorney general posted a full list(Opens in a new window) detailing what information was stolen.
The LockBit ransomware group took responsibility for the hack on March 7, 2023, when they threatened to publish 700GB of the private data unless they were paid $10 million. It appears the threat was true, as on April 7, LockBit released all the data on its website.
In a filing(Opens in a new window) with Maine's AG, MCNA Dental says the breach affected 8,923,662 people (though only 101 are Maine residents). The notice on MCNA's website also mentions Arkansas, Florida, Idaho, Kentucky, New York, and a variety of other organizations, so the impact is widespread.
In its notification, MCNA offers to pay for(Opens in a new window) the yearly cost of an identity theft protection service for affected customers. It will also keep the data theft notice live on its website for “at least 90 days” as it does not have the current postal addresses for all affected customers. Anyone affected by the data breach is advised to check their bills and accounts to ensure they look correct.
LockBit, meanwhile, is a rather prolific ransomware gang. Most recently, security researchers discovered a new version of the LockBit ransomware that targets Apple's Mac computers for the first time. But they've also targeted a SpaceX supplier, and launched a bug bounty program designed to reward anyone who submits details on previously unknown website vulnerabilities to the group.
- Adenman and alf9872000
- 2
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.