DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

7×7 Dental Implant & Oral Surgery alleged victim of Abyss ransomware group

Posted on April 7, 2023 by Dissent

A leak site called “Abyss” recently added 7×7 Dental Implant & Oral Surgery Specialists of San Francisco (7×7) to their site and claimed to have 114 GB of the dental practice’s files. A file tree showing 2,891 directories and 63,557 files was posted as proof of claim.

Some of the filenames suggest business-related internal documents, while others are likely employee-related files. The bulk of the files appears to be patient-related. Most of these are image files in .jpg or .dcm format. Some .pdf files appear to be referral letters or reports.

Protected health information (PHI) appeared to be exposed in the file tree itself as filenames often incorporated patients’ first and last names with the date of service.  Other filenames contained an initial with a last name plus the service date. Using Google search and a small sample of less common names, DataBreaches was able to find people in the area with the same first and last names as in the file tree.

7 x 7 has yet to respond to DataBreaches’ website contact inquiry of March 30 or an email of April 5. There has been no confirmation from them, then, of any attack or that the file tree data is theirs.

Abyss’s site does not indicate whether they have given 7×7 a deadline for responding to avoid a data dump. Inspection of the file tree suggests that the data were likely exfiltrated on or after March 7, 2023, which was the most recent date of service in some filenames. In a matter of approximately three weeks then, Abyss exfiltrated data and then named the victim publicly to increase pressure on them.

DataBreaches has no information on Abyss, but some sites refer to them as a ransomware group. Abyss does not have any contact info on their leak site.

This post will be updated if more information becomes available.

 

Related posts:

  • Dental Center of Northwest Ohio’s notifies patients after IT vendor Arakÿta experiences ransomware incident
  • MN: Delta Dental Disk with The Smile Center Patient Data on It Stolen Months Ago; No One Notified Patients?! (update1)
  • Jones Family Dental Notice Of Data Event
  • SCOOP: UnitingCare paid hundreds of thousands of dollars to REvil for decryption key and deletion of files
Category: Breach IncidentsHealth DataMalwareU.S.

Post navigation

← Microsoft leads effort to disrupt illicit use of Cobalt Strike, a dangerous hacking tool in the wrong hands
A Visual Journey Through Computer Setups Revealed by Recent Cybercrime Raids →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
  • France issues press statement about arrest of ShinyHunters members
  • Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach
  • Hackers breach Norwegian dam, open valve at full capacity

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions
  • NY Attorney General James Affirms Hospitals Must Provide Access to Emergency Abortion Care
  • How Internet of Things devices affect your privacy – even when they’re not yours
  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.