Ransomware Attack Exposes Sensitive Data of Pediatric Dentistry of Oklahoma Patients
Pediatric Dentistry of Oklahoma, based in Oklahoma City, recently disclosed a data breach stemming from a sophisticated ransomware attack on its third-party management company. The incident was detected on February 14, 2024, when unauthorized access to the network triggered an immediate response, including system lockdowns and an internal investigation.
Forensic analysis revealed that protected health information (PHI) and personally identifiable information (PII) of patients may have been accessed by threat actors. Exposed data includes names, addresses, dates of birth, Social Security numbers, driver’s license numbers, medical and dental histories, treatment details, medication records, and insurance information. The combination of sensitive health and identity data heightens risks for affected individuals, including potential identity theft and fraud.
While the exact number of impacted patients remains undisclosed, the breach is classified as severe due to the nature of the compromised data and the use of ransomware—a tactic often linked to data exfiltration and extortion. As of now, there is no evidence that the stolen information has been misused, though the possibility cannot be dismissed.
Pediatric Dentistry of Oklahoma is notifying affected individuals by mail and has provided resources for identity theft protection, including a dedicated contact line (405-946-2455) and mailing address (3613 NW 56th St., Suite 105, Oklahoma City, OK 73112). The practice has also directed patients to Federal Trade Commission (FTC) guidance for additional support.
The incident underscores the growing threat of ransomware targeting healthcare providers and their vendors, where sensitive patient data remains a prime target.
Source: https://www.claimdepot.com/data-breach/pediatric-dentistry-of-oklahoma-2026
SouthWestern Society of Pediatric Dentistry cybersecurity rating report: https://www.rankiteo.com/company/swspd
"id": "SWS1768001948",
"linkid": "swspd",
"type": "Ransomware",
"date": "2/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'Oklahoma City, Oklahoma, USA',
'name': 'Pediatric Dentistry of Oklahoma',
'type': 'Healthcare Provider'}],
'customer_advisories': 'Monitor account statements, obtain free credit '
'reports, consider placing fraud alerts or credit '
'freezes, report suspicious activity.',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Patient names',
'Addresses',
'Dates of birth',
'Social Security numbers',
'Driver’s license numbers',
'Limited medical and dental '
'histories',
'Medical and dental diagnoses '
'and/or treatment information',
'Medication details',
'Medical and dental insurance '
'information']},
'date_detected': '2024-02-14',
'description': 'Pediatric Dentistry of Oklahoma was involved in a data breach '
'involving sensitive patient information due to a '
'sophisticated ransomware attack on its third-party management '
'company.',
'impact': {'data_compromised': 'Protected health information (PHI) and '
'personally identifiable information (PII)',
'identity_theft_risk': 'High',
'systems_affected': "Third-party management company's network"},
'investigation_status': 'Ongoing',
'ransomware': {'data_exfiltration': 'Potential'},
'recommendations': 'Monitor account statements, obtain free credit reports, '
'consider placing fraud alerts or credit freezes, report '
'suspicious activity to financial institutions and law '
'enforcement.',
'references': [{'source': 'Data breach notification'}],
'response': {'communication_strategy': 'Notification by mail to affected '
'individuals',
'containment_measures': 'Immediate action to secure systems',
'third_party_assistance': 'Forensic specialists'},
'title': 'Pediatric Dentistry of Oklahoma Data Breach',
'type': 'Ransomware'}