An estimated 432 dental practices were affected Aug. 26 in a ransomware attack against DDS Safe, a service from The Digital Dental Record, a subsidiary of the Wisconsin Dental Association that provides IT products and services to dentists. DDS Safe is a system that facilitates secure data backups for dental practice computer systems.

In a message to Wisconsin Dental Association members Aug. 30, Executive Director Mark Paget said the Wisconsin Dental Association Insurance and Services Corp. and IT partner PerCSoft were investigating the scope of the attack with the FBI's Cyber Crimes Task Force to determine next steps.

It is too early in the investigation to determine whether any practice or patient data were accessed or compromised, Mr. Paget said. As of Aug. 30, the Wisconsin Dental Association's legal counsel advised it was premature to notify patients that their information could have been compromised, as the scope of the attack was not yet known. 

"We don’t want to inform patients that information has been compromised if it hasn't, nor do we want to make assurances that data was not compromised if it was," he said. "While that process may be unsettling, it is important that the investigation be completed before sending out any notifications."

However, dentists can let their patients know about the business disruption, but they should make it clear the scope of the incident is still undetermined and work is underway to investigate the situation completely, Mr. Paget said.

"We are assured the investigation will be finished and any information provided within all legal reporting periods so that any required notifications can be made," he said.

The Wisconsin Dental Association Insurance and Services Corp. also advised all affected practices to contact their business insurance, cyber insurance and professional liability carriers to determine if coverage is available and start the claims process.
 
Ransomware is a type of malware that denies access to a computer system or data until a ransom is paid. Law enforcement does not recommend paying a ransom, but it is ultimately up to businesses to decide if the risks and costs of paying are worth the possibility of getting their files back, according to the Federal Trade Commission. The Wisconsin Dental Association did not pay a ransom, Mr. Paget said.

"We remain in close contact with the (Wisconsin Dental Association Insurance and Services Corp.) and PerCSoft, which reports it has brought in additional support to assist with and expedite the restoration process," he said. "We do not have an exact number of practices that have been restored, but PerCSoft reports they are making continual progress on data recoveries. Work will continue over the long holiday weekend, and (Wisconsin Dental Association Insurance and Services Corp.) staff will continue to take customer calls over the holiday as well."

Impacted dentists can call 1-414-755-4170 or 1-414-755-4196 for help.

In a separate incident, four American Dental Association members contacted the ADA to report they received a phishing email signed with ADA President Jeffrey M. Cole’s name that included the ADA logo in an attachment. 

A phishing email disguises itself as coming from a trustworthy source in an attempt to obtain sensitive information, such as usernames and passwords, or to deploy malware by tricking the recipient into clicking on a link or opening an attachment. The email was not sent by Dr. Cole.

If recipients opened the attachments, clicked a link and entered their email address and password, they should change that password as soon as possible. If they use that same password for any other online account, they should change those account passwords as well.

The Federal Trade Commission recommends that phishing victims forward phishing emails to spam@uce.gov and reportphishing@apwg.org and report the incident to the commission at FTC.gov/complaint. 

This phishing scam appears to be a targeted attack to capture dentists' passwords, with no malware attached.

The ADA Center for Professional Success offers several ways member dentists can protect themselves against cyber attacks.

Steps include training staff on basic data security, backing up data regularly and keeping a copy off-site, being wary of attachments and web links included with suspicious emails, and maintaining cyber defenses such as anti-virus and anti-malware software.

To learn more, visit Success.ADA.org. 

The ADA also offers a continuing education course on phishing and ransomware at ebusiness.ADA.org.