Delta Dental says data breach exposed info of 7 million people

Trending 2 months ago

Dentist

Delta Dental of California is informing almost 7 cardinal patients that they suffered a information breach aft individual information was exposed successful a MOVEit Transfer package breach.

Delta Dental is simply a dental security supplier that covers 85 cardinal group crossed 50 states, but this information breach announcement concerns nan California section of nan company.

According to a Delta Dental data breach notification, nan institution suffered unauthorized entree by threat actors done nan MOVEit record transportation package application.

The package was susceptible to a zero-day SQL injection flaw starring to distant codification execution, tracked as CVE-2023-34362, which nan Clop ransomware gang leveraged to breach thousands of organizations worldwide.

Delta Dental learned astir nan discuss connected June 1, 2023, and 5 days later, pursuing an soul investigation, it confirmed that unauthorized actors had accessed and stolen information from its systems betwixt May 27 and May 30, 2023.

The second, much lengthy investigation to find nan nonstop effect of nan information incident was completed connected November 27, 2023.

Based connected this, nan information breach has truthful far impacted 6,928,932 customers of Delta Dental, who had their names, financial relationship numbers, and credit/debit paper numbers, including information codes, exposed.

Delta Dental provides 24 months of free in installments monitoring and personality theft protection services to impacted patients to mitigate nan consequence of their exposed data. Details connected enrolling successful nan programme are enclosed successful nan individual notices.

If you are a customer of Delta Dental of California, you are advised to beryllium cautious pinch unsolicited communications, arsenic your information whitethorn person been already shared pinch phishing actors, scammers, and different cybercriminals.

Delta Dental’s lawsuit is nan 3rd largest MOVEit information breach, only behind Maximus (11 million) and Welltok (8.5 million).