Malware
Delta Dental Reveals Massive Data Breach: 7 Million People’s Information Compromised
Delta Dental revealed a data breach that exposed personal information of 7 million people. The dental insurer disclosed the attack in a security advisory, stating that compromised data includes names, addresses, dates of birth, and social security numbers. Delta Dental is offering affected individuals free credit monitoring and identity theft protection services.
Imagine going to your dentist for a routine check-up, only to find out later that your personal data has been exposed in a massive security breach. That’s exactly what happened to nearly seven million Delta Dental of California customers, who are now being warned about the breach that occurred through the MOVEit Transfer software.
What happened?
Delta Dental is a dental insurance provider that covers a whopping 85 million people across all 50 states. The California division of the company is the one affected by this data breach. Unauthorized access by cybercriminals occurred through the MOVEit file transfer software application, which had a zero-day SQL injection flaw that led to remote code execution. The flaw, tracked as CVE-2023-34362, was exploited by the notorious Clop ransomware gang to breach thousands of organizations worldwide.
The timeline of the breach
Delta Dental became aware of the compromise on June 1, 2023, and after an internal investigation, confirmed that unauthorized actors had accessed and stolen data from its systems between May 27 and May 30, 2023. A second, more in-depth investigation to determine the exact impact of the security incident was completed on November 27, 2023. So far, the breach has impacted 6,928,932 customers, who had their names, financial account numbers, and credit/debit card numbers, including security codes, exposed.
What’s being done to protect affected customers?
To help mitigate the risk of their exposed data, Delta Dental is providing 24 months of free credit monitoring and identity theft protection services to impacted patients. Details on enrolling in the program can be found in the personal notices sent to customers. However, if you’re a customer of Delta Dental of California, it’s important to be cautious with unsolicited communications, as your data may have already been shared with phishing actors, scammers, and other cybercriminals.
A concerning trend
Delta Dental’s case is the third largest MOVEit data breach, ranking only behind Maximus (11 million) and Welltok (8.5 million). This highlights the growing threat of cybersecurity breaches and the importance of staying informed and proactive in protecting your personal information.
What can you do?
The best way to ensure your safety and security is to stay informed and take action when necessary. If you think you’ve been affected by this or any other data breach, don’t hesitate to reach out for help. Contact us for more information and resources to protect yourself from cyber threats. And remember, knowledge is power – so keep coming back to learn more about the ever-evolving world of cybersecurity.