Smile Brands, one of the nation’s largest providers of dental support services, recently experienced a breach that affected over 2.5 million individuals. Smile Brands is based in Irvine, CA, and reported the ransomware incident in June 2021 after becoming aware of an attack on its computer systems in April of 2021. The breach affected the company’s PHI (personal health information) and was reportedly acquired by an unauthorized third party.
It’s the latest in significant breaches to hit the news. Here are the stats (scroll for why this breach should matter to you).
- Compromised data included: patients’ names, addresses, telephone numbers, Social Security numbers, health insurance information, dates of birth, and miscellaneous diagnosis information.
- 2,592,494 individuals were ultimately notified as potentially affected by the breach.
- The fallout included a lawsuit against Smile Brands and one of its affiliates for allegedly negligently leaving their computer systems open to attack. Those filing the lawsuit claimed that Smile Brands had left its systems vulnerable to unauthorized individuals viewing, acquiring, accessing, and exfiltrating data for illegal use.
Cybercriminals aren’t typically just breaching companies to be paid a one-time ransome; they’re also stealing data and using it nefariously. Follow-up threats to release the data, selling the data on the dark web, and targeting the individuals in the data with pointed phishing attempts are all made possible when data exfiltration occurs during a breach.
As a business, you hold a serious responsibility to protect the data of your customers or patients. Especially in the case of healthcare, it is vital given the sensitive nature of PHI.
Choosing to invest in proper IT security is no longer an option–it’s a necessity. No matter the size or scope of your business, you must be investing in appropriate IT security protocols and preventative measures to protect your customers. Get in touch with PK Tech if we can help.