This Time, It’s Dental: Another Day, Another Data Breach

Q: How much data would a dental hacker hack, if a dental hacker could hack data? A: I’m not sure, but probably more now since companies are setting the precedent of paying ransoms for ransomware attacks.

Some hackers may have started targeting dentists as early as June 24 of this year and reports of malware impacting dental offices began to surface in July. However, in this month’s more widespread dental data attack, a hacker group found its way into DDS Safe, an online data backup service advertised as a way to keep medical files safe from ransomware. The group used DDS Safe as an entry-point to… (you know what’s coming next, right?) … deploy ransomware, of course.

“At 8:44 a.m. on Monday, Aug. 26, WDAISC learned that ransomware had been deployed on the remote management software DDS Safe uses to back up client data…” Wisconsin Dental Association Executive Director, Mark Paget announced in a statement released yesterday. “…roughly 400 practices around the country lost access to electronic files as a result of the virus.”

The virus used in this attack was REvil (Sodinokibi) ransomware. As Aamil Karimi of Fidelis Cybersecurity explains, this virus “was first identified and reported on in April 2019…(and has become) one of the most popular strains of ransomware observed by researchers, accounting for 12.5% of the ransomware market share.”

An unnamed source reported by ZDNET indicated that the two software providers behind DDS Safe (and its partner PerCSoft) decided to pay the ransom demand.

This is just the latest in high profile Ransomware attacks, with some Texas cities remaining impacted by an attack that occurred two weeks ago.

Header Image is a screenshot of the DDS website as of 8/30/2019

Comments are closed, but trackbacks and pingbacks are open.