Each impacted covered entity has reported the breach to the HHS Office for Civil Rights.
It is known that protected health information for around 173,000 people was compromised.
The following PDA organizations have informed HHS of affected patient numbers:
Florida: 18626, Georgia: 23974, Illinois: 16673, Massachusetts: 607, Michigan: 26054, Indiana: 7359, Connecticut: 6237, Tennessee:11217, New York: 10778, and Texas: 4235.
The impacted accounts were secured right away to stop further unwanted access.
After employees responded to phishing emails, an investigation was opened, which discovered multiple email accounts were accessed by an unauthorized person.
The compromised information includes names, addresses, email addresses, phone numbers, insurance information, Social Security numbers, dental information, and/or financial information.
Professional Dental Alliance says the electronic dental record system and dental images were not accessed.
Affected individuals have been urged to take caution, check their credit reports and account statements, and keep an eye out for any indications that their data has been misused.
According to Professional Dental Alliance, affected people will receive a free two-year membership to credit monitoring and identity theft protection services.
TPRM report: https://www.rankiteo.com/company/smiledentalcenter
"id": "smi1752291122",
"linkid": "smiledentalcenter",
"type": "Breach",
"date": "6/2017",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': 173000,
'industry': 'Dental Care',
'location': ['Florida',
'Georgia',
'Illinois',
'Massachusetts',
'Michigan',
'Indiana',
'Connecticut',
'Tennessee',
'New York',
'Texas'],
'name': 'Professional Dental Alliance',
'type': 'Healthcare'}],
'attack_vector': 'Phishing',
'data_breach': {'number_of_records_exposed': 173000,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['names',
'addresses',
'email addresses',
'phone numbers',
'insurance information',
'Social Security numbers',
'dental information',
'financial information']},
'description': 'A data breach at Professional Dental Alliance compromised the '
'protected health information of around 173,000 individuals. '
'The breach was reported to the HHS Office for Civil Rights '
'and was discovered after employees responded to phishing '
'emails, leading to unauthorized access of multiple email '
'accounts.',
'impact': {'data_compromised': ['names',
'addresses',
'email addresses',
'phone numbers',
'insurance information',
'Social Security numbers',
'dental information',
'financial information']},
'initial_access_broker': {'entry_point': 'Phishing emails'},
'post_incident_analysis': {'root_causes': 'Employees responding to phishing '
'emails'},
'recommendations': 'Emphasis on phishing awareness and training for employees',
'regulatory_compliance': {'regulatory_notifications': 'Reported to the HHS '
'Office for Civil '
'Rights'},
'response': {'communication_strategy': 'Informed affected individuals and '
'urged them to monitor their credit '
'reports and account statements',
'containment_measures': 'Secured impacted accounts to prevent '
'further unauthorized access',
'incident_response_plan_activated': True,
'law_enforcement_notified': True},
'title': 'Professional Dental Alliance Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Human error'}