Advantage Dental has sent out notices to 151,626 of its customers after a hacking which may have led to the leaking of valuable patient data, according to the Portland Tribune.
The company's internal membership database is said to have been compromised from February 23 for three days, before the company's intrusion detection system spotted the unauthorized access. Data accessible to intruders included patient names, dates of birth, phone numbers, Social Security numbers and home addresses. However, Advantage Dental stressed that treatment, payment and other financial data was not at risk.
Bend Bulletin reports that the hack was made possible via malware on an employee's computer, which then accessed a username and password, giving the hacker access to the membership database. This is kept separate from the financial and treatment information, which explains why the company is confident that payment information remains secure.
Jeff Dover, compliance manager at Advantage told Bend Bulletin that the company's in-house security team ensured that they were able to identify the threat comparatively quickly: "In other situations, hackers are running around in these databases for months on end."
"Unfortunately this happened. What you can do is be as transparent as you can, take responsibility for it, learn from it and then move on," he added.
The company has reported the incident to the Oregan Attorney General's office, the State Police and the US Secret Service, but there are currently no suspects.
Register Guard states that the company is in the process of notifying affected customers, and will be offering credit monitoring and call center support via Experian.