Delta Dental of California, a dental insurance provider, has experienced a data breach that has affected nearly seven million patients. The breach occurred when threat actors gained unauthorized access to the company’s systems through the MOVEit Transfer software application. This software had a vulnerability that allowed for remote code execution, which was exploited by the Clop ransomware gang. The breach was discovered on June 1, 2023, and it was later confirmed that data had been accessed and stolen between May 27 and May 30, 2023. The data breach has exposed sensitive information, including names, financial account numbers, and credit/debit card numbers with security codes. Delta Dental is offering impacted customers 24 months of free credit monitoring and identity theft protection services. Customers are advised to be cautious with unsolicited communications as their data may have been shared with phishing actors and cybercriminals. This breach is one of the largest MOVEit breaches, following behind Maximus and Welltok.
https://www.bleepingcomputer.com/news/security/delta-dental-says-data-breach-exposed-info-of-7-million-people/