The American Dental Association (ADA) was hit by a cyberattack. Currently, the association is actively investigating the attack and shutting down some network systems.
The American Dental Association (ADA) provides dental health training, seminars and courses primarily to its 175,000 members. For many Americans, an ADA seal on everyday oral hygiene products like toothpaste and toothbrushes indicates that the product is safe and contributes to oral health.
ADA hit by cyberattack
The cyberattack forced the ADA to take some of the affected systems offline, disrupting various online services, phone calls, emails and web chats. Separately, the ADA website also put up a banner explaining that its website was experiencing technical difficulties and was working to fix the system.
It is reported that the cyber attack severely affected ADA services including ADA Store, ADA Directory, MyADA, Conference Registration, Dues Page, ADA CE Online, ADA Qualification Services and ADA Practice Transition.
The cyberattack not only affected the ADA’s website, but also had a huge impact on organizations that use ADA’s online services to register accounts or pay dues, such as dental societies in New York, Virginia, and Florida.
Shortly after the attack, the ADA began sending emails to its members, including dental associations, clinics and organizations in various states, providing updates on the cyberattack and other information. The email mainly described the disruption of services including Aptify and ADA emails, phone calls and web chats after ADA suffered a cyber attack. In addition, ADA emphasized in the email that after discovering the attack, it has shut down the affected system for the first time, and cooperated with third-party cybersecurity experts and law enforcement agencies to investigate the attack.
In the end, the ADA said preliminary findings showed that no member information or other data was compromised. Bleeping Computer has contacted ADA for details about the attack, but has not received a response.
Black Basta ransomware gang leaks ADA data
As the attack continued to unfold, a new ransomware gang called Black Basta claimed responsibility. According to cybersecurity researcher MalwareHunterTeam, attackers have begun leaking data stolen during the ADA attack. Currently, about 2.8GB of data including W2 forms, NDAs, accounting spreadsheets, etc. have been compromised, which the attackers say accounts for 30% of the stolen data.
Small dental practices generally do not have dedicated security or network administrators, and the lack of dedicated IT staff often results in a very insecure network, so the leakage of dental information can be particularly damaging. ADA members’ information may be leaked to other attackers, and ADA members are strongly advised to be wary of spear phishing emails.
Cyber attacks are not avoided in a day. Avoiding harm from cyberattacks requires long-term adherence to data protection. To protect data well, long-term data backup is required. With the expansion of the scale of modern enterprises and the increase of enterprise data, the conventional data backup methods are now less and less suitable for the needs of enterprises. Therefore, many enterprises will choose to use virtual machines for backup, such as VMware Backup, Hyper-V Backup and so on.
