Dental insurer Managed Care of North America (MCNA) has revealed that it recently fell victim to a ransomware attack, resulting in the compromise of highly sensitive medical data. The intrusion occurred between February 26th and March 7th, during which an unauthorized party gained access to and made copies of patient information. The stolen data includes addresses, Social Security numbers, driver’s licenses, and insurance details. MCNA estimates that over 8.9 million individuals have been affected, including parents, guardians, and guarantors who pay bills on behalf of others.
While MCNA has not yet identified the perpetrator, TechCrunch has learned that the Russia-based LockBit ransomware group is claiming responsibility for the attack. The group alleges that it has published all the files after MCNA refused to pay a $10 million ransom. Samples of the data, totaling approximately 700GB, have been released to support the claim.
