Ransomware Attack on Dental Insurer MCNA Exposes Data for Nearly 9 Million Patients

Dental insurer Managed Care of North America (MCNA) has revealed that it recently fell victim to a ransomware attack, resulting in the compromise of highly sensitive medical data. The intrusion occurred between February 26th and March 7th, during which an unauthorized party gained access to and made copies of patient information. The stolen data includes addresses, Social Security numbers, driver’s licenses, and insurance details. MCNA estimates that over 8.9 million individuals have been affected, including parents, guardians, and guarantors who pay bills on behalf of others.

While MCNA has not yet identified the perpetrator, TechCrunch has learned that the Russia-based LockBit ransomware group is claiming responsibility for the attack. The group alleges that it has published all the files after MCNA refused to pay a $10 million ransom. Samples of the data, totaling approximately 700GB, have been released to support the claim.

In response to the breach, MCNA is offering one year of free identity theft protection to affected customers and advising them to monitor their accounts and bills for any signs of suspicious activity. As the largest insurer in the United States for government-backed plans catering to children and seniors, MCNA’s partners include New York City and numerous unions.

This incident stands as the largest health data breach of 2023 thus far, surpassing the previous record set by the March breach at PharMerica, which impacted nearly 6 million patients. While MCNA is not alone in facing ransomware attacks, the industry has responded in varying ways. Some organizations have refused to pay ransoms and have dealt with the consequences, while others have opted to pay substantial sums to regain control of their systems.

The incident also suggests that LockBit has not been deterred by recent law enforcement actions. The alleged leader of the group, Mikahil Vasiliev, was arrested by Canadian police in November, and a Russian national was charged by the US in March. However, LockBit has been linked to high-profile attacks, including those targeting California’s finance department and the UK’s Royal Mail. Such campaigns are likely to persist in the future.

As the investigation into the MCNA breach continues, cybersecurity remains a critical concern for organizations across the healthcare sector. Safeguarding sensitive patient information against evolving threats and implementing robust preventive measures will be crucial to protect individuals’ privacy and maintain trust in the healthcare system.