Jump to content
  • LockBit Ransomware Gang Steals Data From 8.9M Dental Insurance Customers

    aum

    • 454 views
    • 2 minutes
     Share


    • 454 views
    • 2 minutes

    Managed Care of North America (MCNA) Dental is the largest dental insurer in the US for state-sponsored Medicaid and CHIP programs.

     

    Nearly 9 million patients of Managed Care of North America (MCNA) Dental had their personal data stolen by ransomware gang LockBit.

     

    In a notification(Opens in a new window) published on its website, MCNA Dental said it became aware of unauthorized activity on its computer system on March 6, 2023, and later learned that hackers had been stealing private patient information from Feb. 26, 2023 to March 7, 2023.

     

    As Bleeping Computer notes(Opens in a new window), the health provider is the largest dental insurer in the US for state-sponsored Medicaid and CHIP programs, and has been in operation for over 25 years.

     

    Stolen information includes the first and last name, address, date of birth, phone number and email of its patients, as well as government information like Social Security and driver's license numbers. Maine's attorney general posted a full list(Opens in a new window) detailing what information was stolen.

     

    The LockBit ransomware group took responsibility for the hack on March 7, 2023, when they threatened to publish 700GB of the private data unless they were paid $10 million. It appears the threat was true, as on April 7, LockBit released all the data on its website.

     

    In a filing(Opens in a new window) with Maine's AG, MCNA Dental says the breach affected 8,923,662 people (though only 101 are Maine residents). The notice on MCNA's website also mentions Arkansas, Florida, Idaho, Kentucky, New York, and a variety of other organizations, so the impact is widespread.

     

    In its notification, MCNA offers to pay for(Opens in a new window) the yearly cost of an identity theft protection service for affected customers. It will also keep the data theft notice live on its website for “at least 90 days” as it does not have the current postal addresses for all affected customers. Anyone affected by the data breach is advised to check their bills and accounts to ensure they look correct.

     

    LockBit, meanwhile, is a rather prolific ransomware gang. Most recently, security researchers discovered a new version of the LockBit ransomware that targets Apple's Mac computers for the first time. But they've also targeted a SpaceX supplier, and launched a bug bounty program designed to reward anyone who submits details on previously unknown website vulnerabilities to the group.

     

    Source

    • Like 2

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...