In yet another data breach in Australia, a user under the alias “RADAR” has claimed on the dark web to have access to Australia-based Dental clinic, Dental One. The threat actor’s post on BreachForums claim 500 GB of customer health data.

Dental One operates five clinics in Melbourne. According to the post, the data was taken from the servers of the Craigieburn-based clinic, consisting of customers’ protected health information (PHI), invoices, reports, scans, online forms, important documents etc.

Cyble Research & Intelligence Labs (CRIL) has confirmed the presence of the data and that the threat actor is a self-proclaimed ransomware group. However, this appears to be an act of a lone wolf, said Cyble CEO Beenu Arora in a LinkedIn post.

“A nefarious individual, self-proclaimed as a ransomware group, has reportedly taken to a #cybercrime forum (#Breached) to announce the sale of purloined data from the servers of Dental One, a dental clinic based in #Australia,” read the post.

Dental One data and possible damages

Along with the protected health information snippets, the threat actor also shared a screenshot of the folder-tree of stolen data in the post. According to CRIL researchers, the extent of attack seems to be limited to Craigieburn clinic.

However, threat to the other four clinics in Melbourne – Lower Templestowe, Epping North, Richmond – Victoria Gardens, and Reservoir – cannot be ruled out in future, they added.

“It is becoming increasingly evident that the frequency and severity of cybercrime incidents in Australia are reaching alarming levels, as evidenced by the recent high-profile breaches at Singtel and Medibank,” the Cyble CEO’s post said. “These events serve as a sobering reminder of the perpetual threat of cyberattacks and the importance of remaining vigilant in the face of such nefarious activities.”

Dental One not the only one

Although comparatively smaller in size boutique services such as dental clinics still hold PIIs and treatment data substantial enough to attract data pilferers and ransomware groups. Dental One is not the first to fall prey to hackers.

In April 2022, the Black Basta ransomware gang targeted the American Dental Association (ADA), disrupting the normal functioning of the organization’s computer network and causing most of their online services to be paralyzed.

While the ADA did not specify which types of data were leaked, many news websites have since then reported finding close to 3 GB of data, including W2 forms, non-disclosure agreements, and accounting spreadsheets, on the dark web.

The hackers claim that this leaked data represents only about 30% of the total data stolen in the attack. On July 15, 2022, the ADA sent data breach letters to all individuals whose information was compromised in the attack. In March 202, Jefferson Dental and Orthodontics, which has 72 offices across Texas, reported a data breach affecting up to 1,026,820 Texans.

In October 2020, US-based group of dental clinics Dental Care Alliance disclosed that it had been the victim of a hack that began in September 2020. The organization was able to contain the attack in a month, it said.

Healthcare Sector an Easy Target

A study by the Ponemon Institute shed light on the numerous cyber-attacks in the Healthcare Sector that have increased the risk to patients and gravely impacted care delivery.

Post the upgradation of technology, the safety of patient data in the Healthcare sector has been directly linked to cyber security due to the dependence on online devices. However, cybercriminals are using loopholes in the security systems to launch attacks and make hospital servers inaccessible, leading to a delay in finding patient data and providing timely healthcare, resulting in deaths.

Healthcare servers store data of thousands of patients and staff alike, including their contact, financial and health details. However, hackers have utilized this extensive database to create better monetization opportunities as they get instant access to information with a single breach. Hence, there is an urgent need for the healthcare sector to invest in building cybersecurity infrastructure.