UK trade body still unsure about which data was exposed

The British Dental Association (BDA) has taken down some of its systems following a “sophisticated cyber-attack” that may have resulted in a data breach.

The BDA says it has yet to establish which information was compromised, but that exfiltrated data appeared to be limited to “a very small snapshot” of data stored on its servers.

The BDA’s website is still offline seven days on from the attack, which occurred on July 30.

“As a precaution, we have taken some of our systems offline,” reads a message from the BDA’s IT team on the website’s holding page.

“Our IT experts have been working to rebuild our systems since the incident occurred and this is progressing well.”


The BDA website is still offline


In a statement obtained by The Daily Swig, a spokesperson for the BDA said: “On 30 July the British Dental Association was targeted by a sophisticated cyber‐attack.

“We immediately notified the relevant authorities including the Information Commissioner's Office (ICO), the UK's data protection authority, and the police.”

The association said investigations were ongoing.

“As a precaution, we informed people about this incident and we will be sending further communications to anyone whose information may have been impacted,” said the BDA.

The BDA is the professional trade body and registered trade union for dentists operating in the UK.

Healthcare organizations are a favored target for cybercriminals, and dental practices have not escaped their attention.

In October 2019, a Toronto dental clinic was asked to pay a $165,000 ransom to decrypt its files after being hit by the ‘Ryuk’ ransomware.

In a separate incident just one month later, more than 100 US dental practices were locked out of their systems after an IT services provider was infected by the ‘Sodinokibi’ or ‘rEvil’ ransomware.

The Daily Swig has put follow-up questions to the BDA and will update the article if and when they respond.


RELATED Healthcare breach: Email hack exposes 78,000 cardiovascular patients’ data