Ransomware Attack on Aire Dental Arts by Dispossesor: Key Details
Incident Date:
July 29, 2024
Overview
Title
Ransomware Attack on Aire Dental Arts by Dispossesor: Key Details
Victim
Aire Dental Arts
Attacker
Dispossessor
Location
First Reported
July 29, 2024
Ransomware Attack on Aire Dental Arts by Dispossesor
Aire Dental Arts, a comprehensive dental practice located in Midtown Manhattan, has recently fallen victim to a ransomware attack orchestrated by the threat actor known as Dispossesor. The breach was discovered on July 30, significantly impacting the dental care service provider.
About Aire Dental Arts
Aire Dental Arts operates at 515 Madison Avenue, Suite 1710, New York, NY 10022. The practice is known for its comforting atmosphere designed to ease patient anxieties and transform the dental care experience. Led by Dr. Paria Goodarzi, Aire Dental Arts offers a wide range of dental services, including general dentistry, cosmetic dentistry, and specialized treatments. The practice is highly rated, with a 5-star review on Yelp, indicating a strong reputation among its clients.
Attack Overview
The ransomware attack by Dispossesor has led to a significant data breach, with compromised files partially revealed in a video on Streamable. The exact size of the data leak remains unknown. Aire Dental Arts is now focusing on a comprehensive review and analysis of the exfiltrated patient data to understand the breach's implications for patient privacy under New York law.
About Dispossesor
Dispossesor is a newly identified threat actor in the ransomware landscape, primarily functioning as a data broker rather than a traditional ransomware group. First observed in December 2023, Dispossesor capitalizes on the work of other cybercriminals by publishing data leaks from other ransomware groups. The group has targeted various sectors, including healthcare, and has claimed responsibility for around 300 attacks.
Penetration and Vulnerabilities
Dispossesor likely penetrated Aire Dental Arts' systems through vulnerabilities in their cybersecurity measures. The group collaborates with initial access brokers and red teamers, allowing them to exploit existing breaches. Aire Dental Arts had previously faced a data breach in June, which may have exposed weaknesses in their security infrastructure, making them a target for Dispossesor.
Next Steps
Aire Dental Arts will initiate communications with affected patients and relevant officials, providing detailed instructions on pursuing legal claims under New York General Business Law Section 899-aa. Patients may seek damages for emotional distress, identity theft, or financial loss resulting from the breach. The practice is committed to addressing the breach and enhancing their security measures to protect patient information.
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.