Delta Dental of California reports MOVEit related data breach

On September 5, 2023, Delta Dental of California reported a data breach caused due to hackers exploiting a vulnerability in MOVEit, a file-transfer application used by the company.

The breach's origin traces back to June 1, 2023, when the vulnerability in MOVEit was discovered. Delta Dental swiftly applied recommended patches to the software and continued investigating the incident, ultimately confirming unauthorized access on July 6, 2023.

Independent third-party experts were engaged to assess the extent of the breach and identify impacted consumers. The breach is confirmed to have lead to unauthorized access to consumers' sensitive information.

Unfortunately, Delta Dental did not disclose any details about exposed data nor number of affected individuals.

Update - as of 14th of December, Delta Dental of California, reprots that nearly 7 million patients are part of the data breach.
The threat actors accessed certain protected information including

• names
• addresses,
• Social Security numbers,
• driver’s license numbers or other state identification numbers,
• passport numbers,
• financial account information,
• tax identification numbers,
• individual health insurance policy numbers,
• health information.

Delta Dental has began notifying affected individuals once the breach was confirmed