DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Email breach at vendor to alliance of dental practices impacts numerous practices, more than 170,000 patients

Posted on October 22, 2021 by Dissent

For the second time in the past year, an alliance serving dental practices has been hit with a cyberattack.  Last year’s attack impacted patients at Kids First Dentistry & Orthodontics, a subsidiary of Professional Dental Alliance  of Connecticut.  They reported a a ransomware attack on First Impressions Orthodontics impacted their patients.

This year, a number of state Professional Dental Alliance (PDA) units are reporting to HHS and patients following a breach at their vendor, North American Dental Management (NADM). NADM’s breach, which was the result of a phishing attack, took place between March 31 and April 1, 2021. NADM provides administrative and technical support services for Professional Dental Alliance offices.

According to the North American Dental Group’s web site:

The Professional Dental Alliance (PDA) is a group of dentists affiliated with the North American Dental Group (NADG). The PDA is led by the Oral Health Board (OHB), an internal board of dentists charged with guiding clinical activities to ensure best-in-class oral health care for patients. The PDA is transforming the holistic dental experience by integrating the best clinical practices, setting comprehensive standards of care, sourcing high-quality supplies, providing ongoing doctor training and mentorship, and adopting a unique data and outcome-driven approach to dentistry with a focus on collaboration.

NADM and NADG seem to share the same phone number.

So far, more than 170,000 patients have reportedly been notified  of the NADM breach. It is not yet clear why it took six months from the incident to provide notice to patients and HHS.

As of today, the following PDA entities have reported impacted patient numbers to HHS:

Florida: 18626
Georgia: 23974
Illinois: 16673
Massachusetts: 607
Michigan: 26054
Indiana: 7359
Connecticut: 6237
Tennessee:11217
New York: 10778
Texas: 4235

There was also one entry for PDA that did not indicate any state: 47173, and one entry for NADG Hopewell for 1143 patients.


Related:

  • PowerSchool commits to strengthened breach measures following engagement with the Privacy Commissioner of Canada
  • Two more entities have folded after ransomware attacks
  • Data breach feared after cyberattack on AMEOS hospitals in Germany
  • Michigan ‘ATM jackpotting’: Florida men allegedly forced machines to dispense $107K
  • Premier Health Partners issues a press release about a breach two years ago. Why was this needed now?
  • Missouri Adopts New Data Breach Notice Law
Category: Health DataSubcontractorU.S.

Post navigation

← Chico State employee charged with hacking, leaking vaccine exemption requests
PA: Westmoreland County Children’s Bureau employee facing charges for accessing info to tip off a relative of investigation →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hamilton taxpayers on the hook for full $18.3M cyberattack repair bill after insurance claim denied
  • More than 1 million patients affected by DaVita ransomware attack; those are preliminary numbers
  • Cisco discloses data breach impacting Cisco.com user accounts
  • Scattered Spider is NOT quiet. They’re just under another name now.
  • Exclusive: Brosix and Chatox promised to keep your chats secured. They didn’t.
  • Cencora & The Lash Group reach $40M settlement in data breach class action
  • Thai hospital fined 1.2 million baht for data breach via snack bags
  • Follow-up: Qilin responds to claims by affiliate and leak by competitor
  • Dutch Prosecution Service begins phased system reboot after cyberattack
  • New York Upgrades Its Firewall Against Cyberattacks

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Flightradar24 receives reprimand for violating aircraft data privacy rights
  • Nebraska Attorney General Sues GM and OnStar Over Alleged Privacy Violations
  • Federal Court Allows Privacy Related Claims to Proceed in a Proposed Class Action Lawsuit Against Motorola
  • Italian Garante Adopts Statement on Health Data and AI
  • Trump administration is launching a new private health tracking system with Big Tech’s help
  • Attorney General James Takes Action to Protect Sensitive Personal Information of Tens of Millions of People
  • Searches of Your Private Data in the Cloud Amount to Illicit State Action

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.