"Nine Million MCNA Dental Customers Hit by Breach"

Millions of customers of one of America’s largest dental health insurers have had their personal information compromised after a ransomware breach.  MCNA Dental stated that it became aware of unauthorized network activity on March 6.  During the investigation, the company learned that a cybercriminal was able to see and take copies of some information in their computer system between February 26, 2023, and March 7, 2023.  The information taken included: first and last names, home and email addresses, dates of birth, phone numbers, Social Security numbers, driver’s license/government-issued ID numbers, health insurance information, and bills and insurance claims.  The company noted that some of this information was not from customers but from parents, guardians, or bill-payers.  According to a breach notice on the website of the Office of the Maine Attorney General, more than 8.9 million individuals were impacted, although MCNA claimed that “information which was seen and taken was not the same for everyone.”  The infamous ransomware group LockBit appears to have been behind the attack.  It claimed to have published all the files it exfiltrated via its leak site back in early April after MCNA refused to pay a multimillion-dollar ransom demand.

Infosecurity reports: "Nine Million MCNA Dental Customers Hit by Breach"