14 DAY TRIAL // A short-lived cyber-intrusion was detected towards the end of February against the computer systems of Advantage Dental, exposing highly sensitive information of 151,626 patients.
The incident lasted for a period of three days, from February 23 until February 26, and it was discovered by the organization’s system administrators. As soon as the alarm was rung, the IT personnel took immediate measures to remove the risk.
However, it appears that one computer was compromised with malware, giving the attackers the possibility to access a database containing personal data of the patients.
This can be achieved with infostealers, a type of malware that collects credentials for different applications and accounts in order to reach important data and exfiltrate it to a remote machine.
One of the most prevalent methods cybercriminals use to infect a computer is via email messages that lure the recipient to a malicious online location or to execute malware in the attachment posing as a legitimate file.
The information exposed to the unauthorized third party consists of names, dates of birth, phone numbers, social security numbers and home addresses.
These can be used to carry out credit fraud, as well as other types of scams, with the purpose of tricking victims into disclosing more personal information.
Advantage Dental said that details about treatments, payments or financial information was not accessed by the intruder, according to The Register-Guard news outlet.
As part of the risk mitigating actions, Advantage offers all individuals affected by the incident one year of complimentary credit monitoring and identity protection services.