MCNA Dental, North America's largest dental insurer, had to notify all of its nearly 9 million customers that 700GB of data was lost. LockBit probably captured a lot of personal customer data. As an apology, MCNA Dental offers all customers a 12-month Identity Theft Protection and Credit Monitoring Service through IDX at no charge.
According to company information, LockBit hacked into MCNA Dental's systems on February 26th. It was probably not until March 06th that the hackers were found in the network and countermeasures were initiated. By then, the APT group LockBit had found everything and removed the data. According to LockBit, they want to have captured 700 GB of data. Shortly thereafter, the group started extortion on their leak page.
LockBit wants 700 GB of data from MCNA
Apparently, MCNA did not address the extortion and $10 million payment. Therefore, LockBit has now published some of the data on the Darknet and is offering the rest of for sale. After this step, MCNA has now reacted: A few days ago, the company published an official announcement on its website and informed all 8,9 million customers about the data loss.
MCNA states that a lot of personal information ended up at LockBit, including:
- Information used to contact you, such as first and last name, address, date of birth, telephone number, email
- Social security number
- Driver's license number/other government-issued ID number
- Health Insurance (Plan Information, Insurance Company, Membership Number, Medicaid Medicare ID Numbers)
Dental or braces care (visits, dentist name, doctor name, previous treatments, x-rays/photos, medication and treatment) - bills and insurance claims
Do you have a moment?
Take a few minutes for our 2023 user survey and help make B2B-CYBER-SECURITY.de better!You only have to answer 10 questions and you have an immediate chance to win prizes from Kaspersky, ESET and Bitdefender.
Here you go directly to the survey
Free identity and data protection for 12 months
At least MCNA has come up with something: so that customers are better protected, at least for the next 12 months, they can use the IDX service for identity and data protection free of charge. The service monitors the network, informs those affected and helps them if necessary. It is to be expected that customer data will increasingly be used for phishing attacks.
More at MCNA.net