Largest U.S. dental provider MCNA compromises sensitive information of 8.9 million users

MCNA Dental, one of the largest providers of dental care and oral health insurance in the U.S., posted a data breach notice on its website notifying that nearly 9 million patients' personal data had been compromised.

In the notice, MCNA claimed that after internal personnel discovered unauthorized access to its computer systems on March 6, 2023, an immediate investigation was conducted, which revealed that a hacker had breached MCNA's internal network systems on February 26, 2023. During this time, the hacker stole personal data from nearly 9 million users.

MCNA promptly called the police

Upon becoming aware of the cyberattack, MCNA immediately reported the attack to the Maine Attorney General's Office. The attack affected 8,923,662 people, including patients, parents, guardians or sponsors, and MCNA said it has taken all available steps internally to remedy the situation and has strengthened the security of its internal systems to prevent similar incidents in the future.

In addition, activation instructions for 12 months of free identity theft protection and credit monitoring services through IDX were included in the notice sent to affected users. However, MCNA does not have everyone's current address and cannot guarantee that every affected individual will receive the notification. MCNA also contacted law enforcement to help stop hackers from misusing the stolen information.

LockBit claims responsibility for the attack

On March 7, 2023, the LockBit ransomware group claimed responsibility for the MCNA attack when it released the first samples of data stolen from the healthcare organization. LockBit threatened to release 700GB of sensitive, confidential information stolen from MCNA's network if they were not paid $10 million.

On April 7, 2023, LockBit posted all of the data on its website, where anyone could download it. Researchers speculate that this data may have fallen into the hands of other threat attackers and therefore recommend that all affected users try to monitor their credit reports for signs of fraudulent activity and identity theft. In addition, users should be wary of targeted phishing email attacks.