Cyber Incident Victim: Dental Health Associates, P.A.

Date: Oct 2020

Location: United States of America

Summary

Dental Health Associates, P.A. had protected health information exposed when threat actors affiliated with the REvil (Sodinokibi) ransomware group attacked a dental hygienists' association and dumped over 70,000 files containing the entity's documents and letterhead on a dedicated leak site. The incident, involving unauthorized access to sensitive patient data, was part of a broader pattern of ransomware attacks targeting medical sector entities, with multiple healthcare providers experiencing similar breaches and subsequent data leaks by various threat actor groups when ransom demands went unmet.

Description

The incident involving Dental Health Associates, P.A. occurred in the context of a ransomware attack against the New Jersey Dental Hygienists’ Association (NJDHA) by the REvil (Sodinokibi) threat actor group. The attack was initiated on or shortly after October 20, 2020. REvil operators exfiltrated and subsequently dumped over 70,000 files from NJDHA systems onto their dedicated leak site. Forensic analysis of the leaked data revealed numerous files containing Dental Health Associates, P.A.’s name and letterhead, indicating that their protected information was compromised during the breach of NJDHA. This collateral exposure occurred despite no direct evidence that REvil targeted Dental Health Associates’ own infrastructure. The threat actors employed ransomware tactics typical of REvil operations, involving data encryption, exfiltration, and extortion through the threat of public data disclosure.

The compromised Dental Health Associates records exposed through NJDHA’s breach included unspecified sensitive information, though the exact data categories and patient impact volume were not publicly disclosed. No evidence indicated Dental Health Associates independently detected or reported a breach of their systems, suggesting the compromise originated solely through their association with NJDHA. As of the article’s publication date, Dental Health Associates had not issued public statements, breach notifications to patients, or submissions to HHS’s breach portal regarding this incident. The absence of documented containment actions or communications left the full scope of impacts on Dental Health Associates’ patients unverified. REvil’s data dump remained publicly accessible, perpetuating ongoing risks of misuse of the exposed dental health information.
