If you’ve read about the American Dental Association on Forbes before, chances are good it was an article about oral health. This week, however, the ADA finds itself in the news after hackers broke into its networks and unleashed ransomware.
Hackers triggered the malware this weekend forcing the ADA to certain critical systems offline. Web-based chat, email and telephone services were all impacted as the ADA investigated the situation.
The ADA website is currently online, though a banner has been added to the top of all pages that states “The ADA is experiencing a cybersecurity incident. We appreciate your patience and are working to get systems running smoothly.”
That banner is linked directly to a Gmail address, which seems to indicate that the organization is not yet convinced that it’s safe to utilize its own ADA.org mailboxes.
Bleeping Computer has viewed an email that was reportedly sent out to ADA members. Like most messaging sent at the early stages of a ransomware investigation, it tries to paint a somewhat optimistic picture of events.
In particular, it states that the investigation so far has not revealed that any member data was stolen.
A new ransomware gang claimed responsibility for the attack appears to have contradicted that statement.
The Black Basta crew has already leaked 2.8 gigabytes of data that it says was stolen from ADA servers. There’s allegedly more where that came from, too. The hackers claim to have stolen around 9 gigabytes in total.
Security researchers who have reviewed the data say that it contains a variety of sensitive information. That includes W2 and other tax forms, financial spreadsheets and information about private practices.
This approach has become the norm in high-profile ransomware incidents. Referred to as double extortion, criminal hackers have taken to leaking or threatening to leak their victims’ data in addition to encrypting files so they are unusable.
Some attackers have added another wrinkle: corrupting or deleting backups. With no reliable backups to restore from and the looming threat of sensitive information being leaked, victims may feel as though they have no choice but to pay the ransom.
While the attack on ADA itself is worrying enough, this may just be the tip of the iceberg. If, in fact, the Black Basta gang really does have multiple gigabytes of information on ADA members, follow-up attacks aimed directly at their practices may be coming.