Managed Care of North America Dental provides government-sponsored plans for children and seniors.
One of the largest dental insurance providers in the United States has suffered an apparent ransomware attack, compromising the personal information of nearly nine million people in the country.
Managed Care of North America (MCNA) Dental calls itself the largest dental insurer in the US for government-sponsored plans providing coverage for seniors and children. It recently posted a notice in which it stated that it had become aware of “certain activity in our computer system that happened without our permission,” and that it was first noticed on March 6. After that date, they discovered that a hacker “was able to see and take copies of some information in our computer system” between February 26 and March 7, 2023.”
The information accessed by the hacker includes a wealth of patient personal data. This includes patient names, dates of birth, mailing addresses, phone numbers, email addresses, Social Security numbers and driver’s licenses and other government-issued identification numbers. Hackers have also accessed the health insurance data of the patients, including Medicaid ID numbers and plan information and their billing and claims information.
In certain situations, the compromised dental insurance data was of a patient’s “parent, guardian or guarantor.”
This indicates that the personal data of children had been accessed as a result of the dental insurance breach.
The insurer filed a data breach notification with Maine’s attorney general. According to that document, there were over 8.9 million MCNA Dental clients affected by the hack. This makes the incident the largest health information breach so far this year, affecting far more than the PharMerica breach that impacted the personal data of nearly 6 million of their patients.
According to MCNA Dental insurance, on May 3rd, it completed its review to determine what was affected. That said, more than two months after the data breach, it has yet to provide any greater details regarding the cyberattack. Requests for comment did not receive an immediate reply at the time this article was written.
