Cyber Incident Victim: Heartland Dental
Date:
Mar 2013
Location:
United States of America
Summary
Unauthorized access to Heartland Dental's systems compromised three databases containing historical employment, discount plan, and patient financing application data, exposing personal information including names, addresses, Social Security numbers, email addresses, income and employment details, education levels, school affiliations, and employment references. The organization contained the intrusion, reinforced security measures, notified potentially affected individuals, and offered complimentary identity protection services for one year, though no reports of data misuse were confirmed.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Between March 31, 2013, and March 23, 2015, unauthorized individuals gained access to three databases within Heartland Dental's IT infrastructure. These databases contained historical information from employment applications, discount plan applications, and patient financing applications. The breach persisted for nearly two years before being detected and contained by the Illinois-based dental support organization. Attackers compromised specific websites operated by Heartland Dental, though the exact methods of initial intrusion and persistence mechanisms were not publicly disclosed. The accessed systems stored extensive personal details, including full names, physical addresses, telephone numbers, email addresses, and Social Security numbers. Additionally, the compromised records contained sensitive employment-related information such as income details, education levels, school names, and employment references. Heartland Dental did not specify the total number of affected individuals in its public disclosures, nor did it identify whether the breach involved external attackers, insiders, or both. The company confirmed the breach impacted only a limited portion of its IT environment, with no evidence suggesting operational clinical systems or current patient treatment records were accessed.
Heartland Dental initiated containment measures upon discovering the intrusion in March 2015, though specific technical details about these actions were not provided. The organization reinforced its existing security technologies and began notifying all potentially impacted individuals by June 2015. Affected parties received offers for twelve months of complimentary identity protection services. Public notifications included a dedicated FAQ section on Heartland Dental's website and formal breach disclosures filed with relevant authorities, including the New Hampshire Department of Justice. The company stated it had not received any complaints or evidence indicating actual misuse of the compromised personal data as of the notification date. No information was disclosed regarding law enforcement involvement, forensic investigation methodologies, or whether the attackers extracted data versus merely accessing systems. The breach exposed vulnerabilities in Heartland Dental's legacy application databases, particularly those handling former employment and financial program data, though the organization did not specify whether these systems had received prior security assessments or updates before the intrusion.