LockBit attacks MCNA Dental
Incident Date:
February 26, 2023
Overview
Title
LockBit attacks MCNA Dental
Victim
MCNA Dental
Attacker
Lockbit
Location
First Reported
February 26, 2023
Managed Care of North America (MCNA) Dental Data Breach Affects 9 Million Patients
Managed Care of North America (MCNA) Dental has confirmed that hackers stole almost 9 million patients’ data in a data breach. In a data breach notification posted to the organization’s website on May 26, MCNA says that cybercriminals gained access to its network on February 26. However, it only became aware of the intrusion on March 6. In that time, cybercriminals were able to steal the personal data of 8.9 million patients.
That data includes:
- Full name
- Address
- Date of birth
- Phone number
- Social Security number
- Driver’s license number
- Government-issued ID number
- Health insurance (plan information, insurance company, member number, Medicaid-Medicare ID numbers)
MCNA has notified the Office of the Maine Attorney General that the breach impacted 8,923,662 individuals, including patients, parents, guardians, and guarantors.
Response and Remediation Efforts
The government-sponsored dental care and oral health insurance provider has notified impacted individuals and offered them 12 months of complimentary identity theft protection and credit monitoring through IDX. As MCNA doesn’t have current addresses for all those affected, they have published a substitute notification on the IDX website.
LockBit Ransomware Gang's Involvement
The LockBit ransomware gang claimed responsibility for the attack on March 7, threatening to publish 700GB of sensitive information unless MCNA paid a $10 million ransom. LockBit published the stolen data on April 7.
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.