USA: Delta Dental of California and its affiliates have reported a significant data breach, attributing it to a worldwide security incident associated with the MOVEit file transfer software by Progress Software.
The breach, revealed through a notification filed with the Maine Attorney General on December 14, involves unauthorized access to protected health information. The compromised data encompasses a range of sensitive details, including names, addresses, Social Security numbers, driver’s license numbers, state identification numbers, passport details, financial account information, tax identification numbers, individual health insurance policy numbers, and/or health-related information.
Discovery and Impact
Delta Dental detected the breach on June 1, 2023, initiating an immediate investigation and corrective actions. Confirmation of unauthorized access between May 27 and May 30, affecting around 7 million individuals, was established on July 6, 2023. The investigative process concluded on November 27, 2023, with law enforcement duly informed.
Claude Mandy, Chief Evangelist of Data Security at Symmetry Systems, highlighted the typical challenges in identifying and responding to such incidents, emphasizing the reliance on specialized digital forensic and incident response providers.
Delta Dental’s Response
Delta Dental is actively notifying affected individuals and providing support services. Individuals are advised to monitor financial statements, report suspicious activities, and utilize a hotline (800-693-2571). Teresa Rothaar, Governance, Risk, and Compliance Analyst at Keeper Security, suggests proactive steps for affected individuals, including changing login information, using dark web monitoring services, monitoring or freezing credit reports, and practicing good cyber hygiene.
The MOVEit vulnerability has had a widespread impact, affecting thousands of organizations globally, ranging from corporations to government agencies. Viakoo CEO, Bud Broomhead, underscores the need for organizations to reconsider the depth of personal information retained, advocating for minimal data retention and robust encryption measures.
The information and viewpoints presented in the above news piece or article do not necessarily reflect the official stance or policy of Dental Resource Asia or the DRA Journal. While we strive to ensure the accuracy of our content, Dental Resource Asia (DRA) or DRA Journal cannot guarantee the constant correctness, comprehensiveness, or timeliness of all the information contained within this website or journal.
Please be aware that all product details, product specifications, and data on this website or journal may be modified without prior notice in order to enhance reliability, functionality, design, or for other reasons.
The content contributed by our bloggers or authors represents their personal opinions and is not intended to defame or discredit any religion, ethnic group, club, organisation, company, individual, or any entity or individual.