"Smile Brands Breach Impacts 2.5 Million Individuals"

The number of individuals affected by a data breach at one of the largest providers of dental support services in the United States has increased to more than 2.5 million. Smile Brands initially disclosed a data security incident involving ransomware in June 2021. The company became aware of a ransomware attack affecting some of its computer systems on April 24, 2021. An investigation into the incident determined that an unauthorized third party had acquired certain protected health information (PHI). Data compromised in the incident included patients’ names, addresses, telephone numbers, Social Security numbers, dates of birth, health insurance information and/or diagnosis information. Smile Brands’ report to the United States Department of Health and Human Services, made in June 2021, indicated that 1200 patients were notified of the data breach. That number was later revised to 199,683 individuals. In the most recent update, supplied to the Maine Attorney General’s Office on April 12, 2022, the total number of individuals affected by the breach was 2,592,494. In the most recent version of Smile Brands’ data breach notice, recipients are warned that an unauthorized third party may have acquired their “personal financial information” and “government-issued identification number.”

Infosecurity reports: "Smile Brands Breach Impacts 2.5 Million Individuals"