One of the largest dental health insurers in the United States, Managed Care of North America (MCNA) Dental, has fallen victim to an apparent ransomware attack, compromising the personal information of nearly nine million individuals. The Atlanta-based company specializes in government-sponsored dental insurance plans for children and seniors. On Friday, MCNA Dental issued a notice stating that it had detected unauthorized activity in its computer system on March 6. Further investigation revealed that a hacker had gained access to and copied certain information between February 26 and March 7, 2023.
The stolen data includes a wealth of sensitive personal information, such as names, addresses, dates of birth, phone numbers, email addresses, Social Security numbers, and driver’s licenses or other government-issued ID numbers. Additionally, the hackers accessed patients’ health insurance details, including plan information, Medicaid ID numbers, and billing and insurance claim information.
Notably, some of the compromised data pertains to patients’ parents, guardians, or guarantors, indicating that children’s personal information may have been exposed as well. According to a data breach notification filed with Maine’s attorney general, over 8.9 million clients of MCNA Dental were affected, making it the largest health information breach of 2023 thus far, surpassing the PharMerica breach that impacted nearly six million patients.
MCNA Dental conducted a review to ascertain the extent of the affected data, which concluded on May 3, nearly two months after the cyberattack. However, the company has not disclosed specific details about the incident.
The LockBit ransomware group has claimed responsibility for the attack and alleges to have published all the exfiltrated files from MCNA Dental after the company refused to pay a $10 million ransom. The group, known for its connections to Russia, reportedly stole approximately 700GB of data during the breach. Samples of the leaked data validate that the hackers obtained sensitive patient information, including personal data and insurance details.
LockBit has targeted several high-profile victims in recent months, including the Royal Mail in the UK, the Ion Group financial software company, and California’s department of finance. Although one of its alleged leaders was arrested in Canada in November, the group remains active. In March, the U.S. government indicted a Russian national believed to be a key figure in the LockBit ransomware group.
The breach at MCNA Dental serves as a stark reminder of the persistent threat posed by ransomware attacks and the critical importance of safeguarding personal data. Stay informed and vigilant to protect your sensitive information.
