American Dental Association hit by cyberattack
ADA said it was cooperating with federal law enforcement in the investigation, so must limit the details it shares.
- April 29, 2022 |
- Kathryn Walson
ADA said it was cooperating with federal law enforcement in the investigation, so must limit the details it shares
The American Dental Association is working to restore systems and limit any disruption for its members since becoming the victim of a cyberattack on or about April 21.
"At this time, there is no indication any member information or other data has been compromised, however our investigation is still underway," ADA said in an email to members April 25.
ADA took affected systems offline—including Aptify and ADA email, telephone and Web chat—after discovering the cybersecurity incident, the email said. The message and a note at the top of the group's website direct inquiries about the incident to questionsada@gmail.com.
Aptify is a membership management software sold by Community Brands.
Some state-level dental groups were also reporting issues. The websites for the New York State Dental Association and Virginia Dental Association said members could not access members-only content.
The ransomware group Black Basta has taken credit for the attack, news site BleepingComputer reported. Black Basta claimed to have leaked about 2.8 GB of data, or 30% of ADA's information stolen in the attack, including W2 forms, nondisclosure agreements, accounting spreadsheets and information on ADA members, according to the news site.
But ADA issued a warning about the report in an April 28 statement.
"Unsubstantiated reports are being circulated by organizations with no connection to this investigation," the association said.
"Safeguarding employee and member information and data is the ADA's utmost priority," the group told members. "We are working diligently with third-party cybersecurity specialists to investigate the impact on ADA systems and restore full system functionality."
ADA also said it was cooperating with federal law enforcement in the investigation, so must limit details it shares at this time.
"If we determine personal information was impacted as a result of this incident, we will notify affected parties pursuant to applicable law," ADA said.
The Chicago-based professional association for dentists has more than 160,000 members and reported revenue of $129 million in 2020.