In a significant cybersecurity incident, the extortion group ShinyHunters has released a vast amount of data allegedly taken from DentaQuest, a major dental benefits provider. The group reportedly leaked 234 gigabytes of data after negotiations with the company failed.
Details of the Data Breach
The breach, as reported by the data breach notification platform HaveIBeenPwned, affects approximately 2.6 million individuals. The leaked information includes sensitive personal data such as names, addresses, email addresses, phone numbers, dates of birth, government-issued IDs, and health insurance details.
DentaQuest, which serves a substantial portion of the US population, confirmed the occurrence of the cyberattack. The company stated that they are collaborating with external cybersecurity experts to thoroughly assess the breach’s extent and the specific data compromised.
Company Response and Measures
DentaQuest has publicly addressed the incident, emphasizing their proactive management of the breach. They highlighted their immediate actions to secure their network, contain the attack, and reduce the threat. Additionally, the company has informed the appropriate authorities, although they have not disclosed specifics about the attack’s origins or perpetrators.
The dental benefits administrator is a subsidiary of Sun Life and is one of the largest providers in the United States, offering services to 35 million individuals across all 50 states.
Impact and Ongoing Investigation
The breach adds to a series of recent cybersecurity challenges faced by various organizations, emphasizing the growing threat landscape in the healthcare sector. As investigations continue, affected individuals are advised to monitor their personal accounts for any suspicious activities.
SecurityWeek has reached out to DentaQuest for further details and will update their findings as new information becomes available. The incident underscores the critical need for robust cybersecurity measures in protecting sensitive healthcare data.
In related news, other data breaches have impacted entities such as RCI, IMA Diligence Services, and Charter Communications, affecting thousands of individuals and highlighting the ongoing vulnerabilities in data protection.
