Over 1.2 Million Patient Records Compromised in 2024
According to a recent report from the website bankinfosecurity.com, written by Marianne Kolbasuk McGee, dental practices across the United States are experiencing a significant surge in cyber attacks. The article, published on August 28, 2024, reveals that more than 1.2 million patients have had their sensitive data exposed so far this year.
Major Breaches Reported to Health and Human Services
The U.S. Department of Health and Human Services’ Office for Civil Rights has recorded at least two dozen major data breaches in the dental sector in 2024. These incidents have been documented on the agency’s HIPAA Breach Reporting Tool website.
One of the most severe cases involved Arizona-based Risas Dental & Braces. The practice reported a hacking incident affecting 618,189 individuals. The breach, which was detected in July 2023 but reported in March 2024, potentially resulted in unauthorized extraction of files containing patient information.
Multiple Practices Affected by Single Attack
In another significant breach, three Minnesota-based specialty dental practices, all under the parent company Park Dental, reported a collective impact on approximately 279,000 patients. This incident stemmed from an email hacking attack.
A spokesperson for Park Dental stated, “The incident was limited to our Microsoft 365 cloud environment and did not involve a compromise of its internal computer network or patient records database.”
Vulnerabilities in Dental Practices
The article suggests that dental practices are particularly vulnerable to cyber attacks due to various factors. Kate Borten, president of The Marblehead Group, a privacy and security consulting firm, explained:
“Dental practices typically don’t have robust security controls. They rely on third parties for much of their technology, including security – sometimes with low budgets and limited oversight.”
Recommendations for Improved Security
Mike Hamilton, founder and CISO of security firm Critical Insight, recommends that dental practices implement the cybersecurity performance goals recently released by the U.S. Department of Health and Human Services. He argues:
“The CPGs are the most basic controls that are effective at raising the degree of effort needed by the attacker to gain access.”
As cyber attacks continue to target the healthcare sector, it is clear that dental practices must prioritize their digital security measures to protect patient data and maintain trust in their services.
The information and viewpoints presented in the above news piece or article do not necessarily reflect the official stance or policy of Dental Resource Asia or the DRA Journal. While we strive to ensure the accuracy of our content, Dental Resource Asia (DRA) or DRA Journal cannot guarantee the constant correctness, comprehensiveness, or timeliness of all the information contained within this website or journal.
Please be aware that all product details, product specifications, and data on this website or journal may be modified without prior notice in order to enhance reliability, functionality, design, or for other reasons.
The content contributed by our bloggers or authors represents their personal opinions and is not intended to defame or discredit any religion, ethnic group, club, organisation, company, individual, or any entity or individual.