DDS Safe which is an online cloud-based data backup system used by several dental practice offices across the United States to protect their medical records and other patient information from ransomware attacks has been hit with ransomware.
The service is provided by two Wisconsin-based companies, Digital Dental Record and PerCSoft and the backend system of affected medical records retention and backup solutions was hit by Sodinokibi ransomware, also known as Sodin or REvil malware.
Even though it is not sure how the threat actors managed to compromise the company’s infrastructure, this ransomware attack is another example of successful supply chain attack, damaging computer systems in 400 dental practice offices around the United States this week.
Both companies released statements according to which the ransomware hit a remote data management software on Monday, August 26, which was used by DDS Safe to back up its client data and encrypted files of hundreds of dental practice customers depending on the backup solution.
The ransomware attack had seriously affected some dental offices, as the dentists do not have access to the patient charts, schedule, x-rays, or payment ledger making it impossible for them to do proper treatment without a chart history and x-rays.
Usually ransomware virus encrypts all files on the targeted computers and then demands a ransom in exchange for the decryptor from the attacker to regain access to their important files.
The company claimed to have a decryptor which they are using to help affected customers decrypt their files at a good rate of succession.
PerCSoft assures that they are working to restore files as early as possible, but still restoration is a slow and methodical process which might take several days to complete.
The companies however did not make any clarification regarding how they got the ransomware decryption software, which suggests that an unknown amount of ransom must have been paid to the cybercriminals.
The companies are actively working with the FBI’s Cyber Crime Unit to investigate the incident. They have also contacted most of the affected customers which constitute only a small percentage of the affected practices.