The private knowledge of extra than a million Texans may possibly have been exposed in a cyber-assault on a big dental treatment supplier.
The protection incident transpired at Dallas-based JDC Healthcare Management LLC (JDC), which has 72 Jefferson Dental & Orthodontics offices across the Lone Star Point out.
In a data incident observe posted to its web page, JDC wrote: “On or about August 9, 2021, JDC grew to become mindful of a malware incident impacting certain corporation systems.
“JDC promptly worked to restore its units and introduced an investigation, with support from third-social gathering pc forensic experts, to establish the nature and scope of the incident.”
After launching an investigation into the assault, Jefferson commenced notifying impacted people in January. Knowledge that may have been compromised in the assault bundled Social Stability figures, dates of birth, driver’s license numbers, health insurance plan info, scientific information and fiscal information and facts.
“While our investigation is ongoing, on August 13, 2021, we established that particular documents stored within just JDC’s natural environment had been copied from or viewed on the process as aspect of the cyber incident involving July 27 2021 and August 16,2021,” stated the enterprise.
“Based on the investigation, JDC is presently conducting a comprehensive evaluation of the impacted details to identify the sort of facts and to whom it relates.”
The incident was noted to the Texas Attorney General’s Workplace as a info breach impacting up to 1,026,820 Texas residents, generating it the most significant claimed breach in the condition due to the fact Texas enacted a new knowledge breach notification law on September 1 very last calendar year, demanding providers to report all knowledge breaches affecting 500 or a lot more Texans to the Texas Lawyer General’s Business office.
The firm explained it experienced found no proof of any details exposed in the assault becoming misused. Due to the fact falling target to malware, JDC has begun a review of its cybersecurity posture.
“Upon learning of this incident, we moved promptly to look into and answer to this incident, evaluate the security of our units, restore performance to our environment, and notify likely affected persons,” claimed the company.
“As part of JDC’s ongoing determination to the protection of details, JDC is examining and boosting existing procedures and strategies to decrease the likelihood of a identical long run celebration and has noted this incident to law enforcement.”