Chester, Va.-based Galstan & Ward Family and Cosmetic Dentistry notified its patients that their information may have been exposed during a hacking incident earlier in the year.
In a Nov. 13 letter to patients, Galstan & Ward said it received a call Sept. 9 from a group demanding ransom be paid, saying it had infected the practice's computer server with a virus. Before receiving the call, the practice had identified abnormalities within its system and got it wiped by an outside IT vendor, which also reinstalled patient data from a backup.
Galstan & Ward said it neither paid any ransom nor experienced data loss or a significant service disruption. It said the hacking incident occurred between Aug. 31 and Sept. 1.
The practice discovered Sept. 11 that several files from its server had been posted to a website on the dark web, but the files did not contain any patient information. Galstan & Ward sought services from a security firm, which confirmed the restored server did not contain any malware. The firm also could not find any evidence that confidential patient data has been acquired or accessed.
Galstan & Ward told patients it was only notifying them of the potential data breach out of an abundance of caution. The practice said its software used a cryptographic technology to protect patient data and it has implemented additional safeguard to improve cybersecurity.
More articles on dental:
Aspen Dental expands in Ohio, Massachusetts
12 DSOs making headlines in November
Delta Dental of Illinois updates PPO fee schedule, increases some maximum plan allowances