Menu
Browse

Cyber Incident Victim: JDC Healthcare Management

Date:

Jul 2021

Location:

United States of America

Summary

A Texas-based dental services provider experienced a cybersecurity incident where attackers accessed its network for several weeks, compromising personal information of over one million individuals. The breach involved unauthorized copying or viewing of sensitive data including names, addresses, Social Security numbers, driver’s license and ID numbers, alongside health and financial details. Malware was deployed during the attack, prompting the organization to take systems offline for restoration and initiate an investigation. While no evidence of data misuse has been identified, the provider continues reviewing its security policies to prevent future incidents.

CIA Posture Motives Tactics, Techniques & Procedures
Available to members 1 motive 2 techniques
Threat Actors Type Location
0 actors Available to members Available to members

Description

The data breach at JDC Healthcare Management (JDC), operator of over 70 Jefferson Dental & Orthodontics clinics in Texas, was discovered in August 2021 following unauthorized network access that persisted for approximately three weeks. Forensic investigations determined threat actors had infiltrated JDC's systems between July 27, 2021, and August 16, 2021, during which they copied or viewed sensitive documents stored within the company's environment. JDC formally notified the Texas Attorney General’s Office that personal information belonging to more than one million individuals was likely exfiltrated during this period. While the organization acknowledged it had not yet finalized the full scope of compromised data, confirmed impacted information included names, addresses, Social Security numbers, driver’s license numbers, government-issued identification numbers, and health and financial records. The breach notification letters sent to affected individuals did not specify the exact attack vector but confirmed malware involvement and system disruptions requiring restoration efforts.

Cyber Incident Image

On August 9, 2021, JDC identified the malware incident affecting specific company systems and immediately initiated containment measures, including taking impacted systems offline and commencing restoration procedures. The organization launched a forensic investigation with third-party specialists to assess intrusion details and data exposure. No evidence of misuse of the stolen information was identified during post-incident monitoring, though JDC advised affected individuals to monitor credit reports and financial accounts for potential identity theft or fraud. Internally, JDC initiated a review of existing security policies and operational procedures to strengthen defenses against future attacks. The healthcare provider did not publicly attribute the incident to ransomware but confirmed malware deployment and system availability impacts consistent with such attacks.

Sources
Sources available to members
2 sources