The Breach

The recent data breach experienced by Managed Care of North America (MCNA) Dental has sent shockwaves throughout the cybersecurity world. As one of America's largest dental health insurers, MCNA's systems were infiltrated by cybercriminals who accessed and copied an extensive array of personal patient data. The breach, which impacted approximately nine million individuals in the United States, serves as a stark reminder of the growing threat of cybercrime and the importance of robust cybersecurity measures.

Between February 26 and March 7, 2023, an unknown actor breached MCNA Dental's computer system, gaining unauthorized access to a trove of sensitive information. The compromised data included names, addresses, dates of birth, phone numbers, email addresses, Social Security numbers, driver’s licenses, other government-issued ID numbers, and health insurance data. In some cases, the data related to patients’ “parent, guardian, or guarantor,” suggesting that children’s personal data was at risk during the breach.

The culprit behind this attack is the LockBit ransomware group, a Russia-linked cybercriminal organization that has claimed a number of high-profile victims in recent years. They claim to have exfiltrated and published all the files after MCNA Dental declined to meet their $10 million ransom demand. The group reportedly stole approximately 700GB of data during the intrusion, according to TechCrunch.

This event now stands as the largest breach of health information in 2023 so far, surpassing even the PharMerica breach, which affected nearly six million patients. MCNA Dental has since completed a review to determine the extent of the data breach but has yet to disclose further details about the incident.

What This Means for Cybersecurity

While this breach specifically impacted MCNA Dental, it serves as a clear signal to all organizations: the threat of cybercrime is real and growing. Businesses of all sizes are at increasing risk from sophisticated threat actors like the LockBit ransomware group. This incident underscores the necessity of strong cybersecurity protocols, regular staff training, and robust security infrastructure.

Here at Limehawk, we understand the challenges that organizations face in navigating the cybersecurity landscape. We're committed to helping you strengthen your defenses against these types of threats. Our team can assist you in assessing your current security posture, identifying potential vulnerabilities, and establishing strategies to fortify your defenses. We also offer comprehensive incident response plans to ensure that your organization is prepared to react swiftly and effectively in the event of a cyber incident.

The MCNA breach is a stern warning about the persistent and evolving threat of cybercrime. However, with proactive measures, continuous vigilance, and a commitment to robust cybersecurity, organizations can protect their data and maintain the trust of their clients.

Please don't hesitate to reach out if you have any questions or if you'd like more information about our services. Together, we can help safeguard your organization against the ever-present threat of cybercrime.

Stay safe in the digital world.