Canadian dental benefits administrator Alberta Dental Service Corporation (ADSC) has started informing roughly 1.47 million individuals that their personal information was compromised in a ransomware attack last month.
The intrusion was initially discovered on July 9, but the full scope of the data breach was determined only two weeks later.
In an incident notification, ADSC reveals that individuals enrolled in the Alberta Government’s Dental Assistance for Seniors Plan, the Alberta Government’s Low-Income Health Benefits Plans, and Quikcard were impacted.
Quikcard brokers and dental services providers that enrolled with ADSC to receive direct payment for eligible health claims were also impacted.
The attackers, ADSC says, had access to its network for more than two months before deploying file-encrypting malware. During this time, the attackers copied certain data from the compromised systems, including files containing personal and banking information.
“In total, approximately 1.47 million individuals were compromised. Of those, less than 7,300 records contained personal banking information. Only those who proactively provided their banking details to ADSC could have had that information accessed,” ADSC says.
Potentially compromised information, the organization says, varies depending on the benefits plan, but may include names, addresses, birth dates, government issued identification numbers, details of dental benefits claims, personal bank account numbers, corporate emails, and corporate bank accounts.
ADSC says it was able to recover the affected systems and data with minimal impact to its operations.
The incident notification and accompanying FAQ suggest that the organization was in contact with the attackers and that a ransom was paid.
“ADSC has taken steps to ensure that any personal or corporate information which was accessed or copied from its systems as a result of this incident has been deleted and protected against fraudulent misuse,” ADSC says.
While the organization does not provide specific details on the ransomware gang behind the attack, IT World Canada claims that ADSC president Lyle Best has confirmed that a ransom payment was made to the 8Base ransomware gang, which provided proof that the stolen data was deleted.
Best did not disclose the ransom amount that was paid, but reportedly said that the initial intrusion vector was a phishing email and that the organization was able to restore the encrypted data from backups.
Related: Colorado Health Agency Says 4 Million Impacted by MOVEit Hack
Related: Personal Information of 11 Million Patients Stolen in Data Breach at HCA Healthcare
Related: Apria Healthcare Notifying 2 Million People of Years-Old Data Breaches
More from Ionut Arghire
- Generative AI Startup Nexusflow Raises $10.6 Million
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
- Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers
- FBI Warns Organizations of Dual Ransomware, Wiper Attacks
- Lumu Raises $30 Million for Threat Detection and Response Platform
- Cisco Warns of IOS Software Zero-Day Exploitation Attempts
- Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
Latest News
- Bankrupt IronNet Shuts Down Operations
- AWS Using MadPot Decoy System to Disrupt APTs, Botnets
- Generative AI Startup Nexusflow Raises $10.6 Million
- In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- National Security Agency is Starting an Artificial Intelligence Security Center
- CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
