CyberSecurityBoard
Sponsor Register Login

Delta Dental of California data breach exposed info of 7 million people

Delta Dental of California and its affiliates are warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach.
Delta Dental of California is a dental insurance provider that covers 45 million people across 15 states and is part of the Delta Dental Plans Association.
According to a Delta Dental of California data breach notification, the company suffered unauthorized access by threat actors through the MOVEit file transfer software application.
The software was vulnerable to a zero-day SQL injection flaw leading to remote code execution, tracked as CVE-2023-34362, which the Clop ransomware gang leveraged to breach thousands of organizations worldwide.
Delta Dental of California learned about the compromise on June 1, 2023, and five days later, following an internal investigation, it confirmed that unauthorized actors had accessed and stolen data from its systems between May 27 and May 30, 2023.
The second, more lengthy investigation to determine the exact impact of the security incident was completed on November 27, 2023.
Based on this, the data breach has so far impacted 6,928,932 customers of Delta Dental of California, who had their names, financial account numbers, and credit/debit card numbers, including security codes, exposed.
Delta Dental of California provides 24 months of free credit monitoring and identity theft protection services to impacted patients to mitigate the risk of their exposed data.
Details on enrolling in the program are enclosed in the personal notices.
If you are a customer of Delta Dental of California, you are advised to be cautious with unsolicited communications, as your data may have been already shared with phishing actors, scammers, and other cybercriminals.
The Delta Dental of California case is the third largest MOVEit data breach, only behind Maximus and Welltok.
Update 12/15/23: Updated article to make clear the the breach is with the Delta Dental of California and its affiliates, rather than the Delta Dental Plans Association.
Welltok data breach exposes data of 8.5 million US patients.
Auto parts giant AutoZone warns of MOVEit data breach.
Maine govt notifies 1.3 million people of MOVEit data breach.
Toronto Public Library confirms data stolen in ransomware attack.
DP World confirms data stolen in cyberattack, no ransomware used.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Fri, 15 Dec 2023 19:05:07 +0000


Cyber News related to Delta Dental of California data breach exposed info of 7 million people

Delta Dental of California data breach exposed info of 7 million people - Delta Dental of California and its affiliates are warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental of California is a dental insurance provider ...
6 months ago Bleepingcomputer.com
Delta Dental says data breach exposed info of 7 million people - Delta Dental of California is warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental is a dental insurance provider that covers 85 million people ...
6 months ago Bleepingcomputer.com
Delta Dental of California Discloses Data Breach Impacting 6.9 Million People - Dental insurance giant Delta Dental of California is informing more than 6.9 million individuals that their personal information was compromised as result of the MOVEit hacking incident. In notification letters it started sending out last week to the ...
6 months ago Securityweek.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
6 months ago Securityboulevard.com
Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
6 months ago Cisa.gov
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
7 months ago Bleepingcomputer.com
Mortgage giant Mr. Cooper data breach affects 14.7 million people - Mr. Cooper is sending data breach notifications warning that a recent cyberattack has exposed the data of 14.7 million customers who have, or previously had, mortgages with the company. Mr. Cooper is a Dallas-based mortgage lending firm that employs ...
6 months ago Bleepingcomputer.com
MOVEit Vulnerability Hits Delta Dental: 7 Million Records Exposed - Delta Dental of California and affiliates disclosed a data breach following a global security incident linked to the vulnerability in MOVEit file transfer software by Progress Software. According to a breach notification filed with the Maine Attorney ...
6 months ago Infosecurity-magazine.com
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
4 months ago Securityzap.com
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
3 months ago Cisa.gov
MongoDB issues weekend warning of breach The Register - Critical vulnerabilities: The not-patch-Tuesday list. As is usually the case this time of month, the most pressing vulnerabilities of recent days were revealed/patched in Patch Tuesday releases. CVSS 9.8 - So many CVEs: Siemens SIMATIC S7-1500 CPU ...
6 months ago Go.theregister.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
3 months ago Cisa.gov
Collection agency FBCS ups data breach tally to 3.2 million people - Debt collection agency Financial Business and Consumer Solutions now says over 3.2 million people have been impacted by a data breach that occurred in February. FBCS is a nationally licensed debt collection agency in the U.S., specializing in ...
1 week ago Bleepingcomputer.com
Mozilla adds paid-for data-deletion tier to Monitor service The Register - Mozilla on Tuesday expanded its free privacy-monitoring service with a paid-for tier called Mozilla Monitor Plus that will try to get data brokers to delete their copies of subscribers' personal information. Mozilla introduced Monitor in 2018 as a ...
4 months ago Go.theregister.com
Mint Mobile discloses new data breach exposing customer data - Mint Mobile has disclosed a new data breach that exposed the personal information of its customers, including data that can be used to perform SIM swap attacks. Mint is a mobile virtual network operator owned by T-Mobile, offering budget, pre-paid ...
6 months ago Bleepingcomputer.com
Android game dev's Google Drive misconfig highlights cloud security risks - Japanese game developer Ateam has proven that a simple Google Drive configuration mistake can result in the potential but unlikely exposure of sensitive information for nearly one million people over a period of six years and eight months. The ...
6 months ago Bleepingcomputer.com
FTC orders Blackbaud to boost security after massive data breach - Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. Blackbaud is a U.S.-based ...
5 months ago Bleepingcomputer.com
PJ&A says cyberattack exposed data of nearly 9 million patients - PJ&A is warning that a cyberattack in March 2023 exposed the personal information of almost nine million patients. PJ&A provides medical transcription services to healthcare organizations in the United States. The company said the threat actors ...
7 months ago Bleepingcomputer.com
WebTPA data breach impacts 2.4 million insurance policyholders - The WebTPA Employer Services data breach disclosed earlier this month is impacting close to 2.5 million individuals, the U.S. Department of Health and Human Services notes. Some of the impacted people are customers at large insurance companies such ...
1 month ago Bleepingcomputer.com
Orrick Data Breach: Law Firm Dealing with Data Breaches Hit by One - An international law firm assists businesses impacted by security events has experienced a cyberattack, where it compromised the sensitive health information of hundreds of thousands of data breach victims. Orrick, Herrington & Sutcliffe, the San ...
5 months ago Cysecurity.news
Thousands of Young People Told Us Why the Kids Online Safety Act Will Be Harmful to Minors - How young people feel about the Kids Online Safety Act matters. These comments show that thoughtful young people are deeply concerned about the proposed law's fallout, and that many who would be affected think it will harm them, not help them. In ...
3 months ago Eff.org
Auto parts giant AutoZone warns of MOVEit data breach - AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks. AutoZone is the leading retailer and distributor of automotive spare parts and accessories in the U.S., operating ...
7 months ago Bleepingcomputer.com
EasyPark discloses data breach that may impact millions of users - Parking app developer EasyPark has published a notice on its website warning of a data breach it discovered on December 10, 2023, which impacts an unknown number of its millions of users. EasyPark is a Swedish company that creates mobile and web apps ...
6 months ago Bleepingcomputer.com
China's MIIT Proposes Color-coded Contingency Plan for Security Incidents - On Friday, China proposed a four-tier classification system, in an effort to address data security incidents, underscoring concerns of Beijing in regards to the widespread data leaks and hacking incidents in the country. This emergency plan comes ...
6 months ago Cysecurity.news
Vans and North Face owner VF Corp hit by ransomware attack - American global apparel and footwear giant VF Corporation, the owner of brands like Supreme, Vans, Timberland, and The North Face, has disclosed a security incident that caused operational disruptions. VF Corp. is a Colorado-based apparel firm owning ...
6 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)