



An apparent ransomware attack against one of Americas largest dental insurers has compromised the personal information of nearly nine million people in the United States.

Atlanta-based Managed Care of North America (MCNA) Dental claims to be the nation’s largest dental insurer for government-sponsored plans covering children and seniors. In a notice on Friday, the company said it has become aware of certain activity on our computer. system that occurred without our permission on March 6 and later learned that a hacker was able to see and take copies of certain information in our computer system between February 26 and March 7, 2023.

The stolen information includes a wealth of personal patient data, including names, addresses, dates of birth, phone numbers, email addresses, social security numbers, and driver’s license or other government-issued identification numbers. government. The hackers also accessed patients’ health insurance data, including plan information and Medicaid identification numbers, as well as information about insurance bills and claims.

In some cases, some of this data related to a parent, guardian or guarantor of the patient, according to MCNA Dental, suggesting that the children’s personal data was accessed during the breach.

According to a data breach notification filed with the Maines Attorney General, the breach affected more than 8.9 million MCNA Dental customers. This makes this incident the largest health information breach of 2023 so far, following the PharMerica breach which saw hackers access the personal data of nearly 6 million patients.

MCNA Dental said its review to determine what data was affected was completed on May 3, nearly two months after the cyberattack, but did not provide further details about the incident. A spokesperson for MCNA did not respond to questions from TechCrunchs.

However, ransomware group LockBit has taken responsibility for the cyberattack and claims to have released all of the files it exfiltrated from MCNA Dental after the company refused to pay a $10 million ransom demand.

A listing on the LockBits dark web leak site, seen by TechCrunch, suggests the notorious ransomware gang stole 700GB of data during the intrusion.

Samples of the leaked data appear to confirm that the hackers accessed sensitive information, including personal patient data and insurance details.

LockBit is a Russian-linked ransomware gang that was first spotted in September 2019. The group has claimed a number of high-profile victims in recent months, including UK postal giant Royal Mail, financial software company Ion Group and the California Department of Treasury.

The gang suffered a setback in November when one of its alleged leaders, dual Russian-Canadian citizen Mikhail Vasiliev, was arrested in Canada. In March, the US government also announced that it had indicted a Russian national accused of being a key figure in the LockBit ransomware group.

