DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

More than 1 million patients notified of hack involving Dental Care Alliance

Posted on December 9, 2020 by Dissent

Dental Care Alliance is notifying patients this week of a hacking incident that began on September 18,  was discovered October 11, and contained on October 13.

Dental Care Alliance, LLC is based in Sarasota Florida, and describe themselves as a dental support organization.  As they inform patients on their web site:

You won’t see the Dental Care Alliance name on any practice door, but more than 320 affiliated dental practices in 20 states are backed by our commitment to ensuring uncompromising dental care at costs you can afford. We’re Stronger Together…

From their template notification, a copy of which was obtained by DataBreaches.net, they report that the information that could have been subject to unauthorized access included:

name, address, dental diagnosis and treatment information, patient account number treating, billing information, dentist’s name, bank account number, and health insurance information. Only approximately 10% of the population had a bank account number potentially impacted.

With all that sensitive information involved, you might think that the practice would offer remediation services to the 1,004,304 people affected but they do not seem to have made any such offer — at least not to residents of Maine.

DataBreaches.net emailed DCA to get clarification as to why there was no offer of  mitigation services. The email also asked other questions, including whether this was a ransomware incident.  Dave Quigley, General Counsel for DCA did not answer all questions put to him, but did respond:

Thank you for your inquiry. DCA has notified impacted individuals and all relevant regulatory bodies of this matter. We have seen no specific evidence that personal information was used for malicious purposes. We will continue to do all that is necessary and appropriate to support and inform impacted individuals in the days ahead.

And for those who are wondering:  no, DCA does not seem to have any affiliated practices in California, so CCPA doesn’t seem to come into play here. But can a lawsuit be far behind with all those data types involved?


Related:

  • PowerSchool commits to strengthened breach measures following engagement with the Privacy Commissioner of Canada
  • Two more entities have folded after ransomware attacks
  • Data breach feared after cyberattack on AMEOS hospitals in Germany
  • Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
  • Global hack on Microsoft product hits U.S., state agencies, researchers say
  • Michigan ‘ATM jackpotting’: Florida men allegedly forced machines to dispense $107K
Category: Breach IncidentsHackHealth DataHIPAAU.S.

Post navigation

← KR: Telecom LG U+ fined as a third party downloads and sells customer data
European Medicines Agency claims victim of cyberattack (updated) →

1 thought on “More than 1 million patients notified of hack involving Dental Care Alliance”

  1. Vernon says:
    December 16, 2020 at 2:41 pm

    I received a notification letter and called the number provided. It was to a call center and the letter was essentially read back to me. You are correct in the types of data harvested and the seemingly cavalier attitude by DCA. Me not happy at all…

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app
  • Au: Qantas hackers gave airline 72-hour deadline
  • Honeywell vulnerability exposes building systems to cyber attacks
  • Recent public service announcements of note — parents should take special note of these
  • Au: Junior doctor faces fresh toilet spying charges as probe widens to other major hospitals

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders
  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial
  • Wikipedia seeks to shield contributors from UK law targeting online anonymity
  • British government reportedlu set to back down on secret iCloud backdoor after US pressure
  • Idaho agrees not to prosecute doctors for out-of-state abortion referrals

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.