The number of ransomware attacks seems to grow in the age of modern technology, and the healthcare sector is no exemption from it. A recent cyber attack resulted in the threat actor accessing the private data of millions of dental patients.
Ransomware Attack on MCNA
Personal and sensitive data was stolen in the recent ransomware attack against Managed Care of North America (MCNA). The hacker group managed to steal copies of patient information from February 26th to March 7th, 2023.
Information such as addresses, driver's licenses, insurance data, and Social Security numbers were included in the theft. According to Engadget, some of the data belonged to people associated with the patients such as parents, guardians, and guarantors.
While MCNA has not revealed who was behind the attack on 8.9 million of its clients, reports say that the LockBit ransomware group is the perpetrator, as they have already taken credit for it along with their demands and proof.
The hacker group demanded $10 million for ransom, which they claimed the MCNA refused to pay. This resulted in the hacker group publishing the stolen files. Samples have been taken from the said data, which was 700 GB worth, which proves that it was genuine.
In response to the attack, the dental insurer offered the affected clients a year of credit monitoring services for free. It also advised the customers to look out for unusual activities in their accounts and protect their personal information.
Since the MCNA is the largest insurer for government-backed plans which includes partners in New York and other unions, the incident is now the largest data breach so far this year with millions affected by the cyber attack.
The dental insurer has already hired a third-party forensic firm to investigate the incident further and assist in resolving matters in its aftermath, while also stating in their notice that they have discovered certain systems in their network that have been infected with malicious code.
Read Also: Worried About Phishing Scams, Email Attacks? 8 Warning Signs You're in Danger, 4 Ways to Stop It
What Can You Do If Your Data Was Stolen?
There are many steps that you can take to reduce or prevent threat actors from using them for fraudulent activities. If you are among the 8.9 million affected clients and you do take the complimentary credit monitoring services, you should still take measures on your own.
The first thing you should do is change the passwords of important accounts. Although digital accounts were not among the data that was stolen, it is still possible for the threat actors to breach them based on your personal data that was stolen.
If you can, you should also try signing up for identity theft protection services, especially since the data stolen involved a lot of identification data such as driver's licenses, addresses, and Social Security numbers.
Since telephone numbers and email addresses were also stolen during the breach, you will have to be vigilant when it comes to phishing scams. It could come in the form of emails with suspicious internet links or phone calls asking for private and personal information.
