Hundreds Of Dentist’s Offices Hit With Ransomware Attacks, Due To Compromise Of Dental Data Security Service

In response to multiple news reports that hundreds of dentist’s offices have been attacked by ransomware this week as a result of software providers Digital Dental Record and PerCSoft, two Wisconsin-based companies who collaborated on DDS Safe a dental records and patient information back-up and security organization. An expert with the Shared Assessments Program, the member-driven leaders in third party risk management, offers perspective.

Experts Comments

August 30, 2019
Javvad Malik
Security Awareness Advocate
KnowBe4
Ransomware operators, while for the most part are opportunistic, there has been a pattern emerging of late whereby they are attacking certain specific sectors such as cities, schools, and, in this case, dentist offices. The unfortunate fact that this is the third time this has happened to MSPs since June means that operators are evolving their attacks faster than organisations are able to implement defences. When we look at a number of these attacks, most are successful not because of any.....Read More
Ransomware operators, while for the most part are opportunistic, there has been a pattern emerging of late whereby they are attacking certain specific sectors such as cities, schools, and, in this case, dentist offices. The unfortunate fact that this is the third time this has happened to MSPs since June means that operators are evolving their attacks faster than organisations are able to implement defences. When we look at a number of these attacks, most are successful not because of any advanced techniques, but rather through tried and tested methods and by exploiting well-known vulnerabilities. While it is impractical for companies to keep up-to-date with every single exploit and patch available, it is worth assessing those vulnerabilities that have the biggest impact and deploying controls that have the best return on investment. One of the challenges is that technology offerings alone have not been able to prevent the spread of ransomware. Therefore, it is just as important that all staff receive appropriate training and awareness so that they are less likely to fall victim to phishing attacks, which are often the cause of ransomware attacks.  Read Less
August 30, 2019
Tom Garrubba
Senior Director and CISO
Shared Assessments
Dental offices that file claims, verify eligibility, or make digital treatment authorizations are operating under the HIPAA regulation and must ensure they have appropriate security and privacy practices in place. There is a perception that dental practices have been flying under the OCR’s radar (the Office of Civil Rights investigates HIPAA violations) for years and this announcement may bring this under renewed scrutiny. As more private dental practitioners migrate to larger managed.....Read More
Dental offices that file claims, verify eligibility, or make digital treatment authorizations are operating under the HIPAA regulation and must ensure they have appropriate security and privacy practices in place. There is a perception that dental practices have been flying under the OCR’s radar (the Office of Civil Rights investigates HIPAA violations) for years and this announcement may bring this under renewed scrutiny. As more private dental practitioners migrate to larger managed organizations, emphasis on adequate enterprise-wide security and privacy practices should be top-of-mind for their senior leadership.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.