A recent cybersecurity breach targeting a government service provider could have left thousands of Albertans’ banking records and hundreds of thousands more names exposed.
On Thursday, the Alberta Dental Service Corporation (ADSC) said it had been hacked between May 7 and July 9. On the final day, the hackers communicated they had encrypted the data, were holding it ransom and demanded cryptocurrency in payment.
Lyle Best, the ADSC president, said the organization’s cyberinsurance was immediately engaged and the ransom was paid, recovering the data with a minimal loss of that data. Best also noted the corporation had secure backups.
“We take the security of information in our care very seriously. Unfortunately, even with the most stringent measures in place, these incidents are not always preventable. ADSC would like to sincerely apologize to our valued clients and health providers and appreciates the worry this incident may cause,” Best said in a statement.
ADSC is the dental benefits administrator for the Alberta government and has programs that serve seniors, Albertans on Assured Income for the Severely Handicapped (AISH) and other low-income health benefits.
Petro Canada cybersecurity incident disrupts gas stations across Canada
Less than 7,300 seniors on the Quikcard program may have had their personal banking information leaked.
ADSC said it is reaching out directly to Albertans whose personal financial data was hacked and those people will be offered complimentary credit monitoring.
Approximately 1.47 million peoples’ names and dental program ID numbers were compromised.
ADSC said it will be providing tips on how to further secure their personal information.
Health providers’ information was also part of the hack.
Essential cybersecurity tips to safeguard your digital footprint
Cybersecurity experts investigated the incident for ADSC, and RCMP and Edmonton Police Service were also informed of the hack in the following days. The cybersecurity experts shared their findings with ADSC on July 26.
Yellowknife declares state of local emergency due to wildfires in Northwest Territories
Monster energy drinks are being recalled in Canada
Best told Global News the Russian ransomware group 8base was identified as responsible, and said the entire data breach could have started as innocently as someone opening a phishing email, allowing for the software to be installed.
“It’s frustrating,” he said.
The ADSC president said the organization’s cybersecurity vulnerabilities have since been secured.
The provincial dental program administrator said the investigation of the data breach is ongoing and the organization will take further measures if deemed necessary.
© 2023 Global News, a division of Corus Entertainment Inc.