Dominion Dental reports data security breach

Dominion Dental (Dominion National) one of the dental providers for Maryland Health Connection, recently reported a data security incident.

Dominion National determined on April 24 that an unauthorized party may have obtained access to some of its computer servers. The unauthorized access may have occurred as early as Aug. 25, 2010. 

There is no evidence that any information was accessed, acquired, or misused.

In addition to its role as the provider of stand-alone dental plans, Dominion National also administers dental benefits for Kaiser Permanente. This incident did not involve Kaiser Foundation Health Plan’s computer network or data systems.

Dominion National is in the process of mailing notification letters to potentially affected members. It has a dedicated incident response line to answer any questions. If you believe you may be affected, please call 877-503-8923. TTY/TDD users can call 844-261-6819. The response line is open from 8 a.m. to 8 p.m. Eastern time on weekdays

VIsit DominionNationalFacts.com for more information. 

Here are some questions and answers about the security breach:

When did the security incident happen?

The unauthorized access may have occurred as early as Aug. 25, 2010 through April 2019.

When did Dominion learn of this incident?

Dominion National learned of the potential unauthorized access on April 24, 2019.

How was it discovered?

Dominion National received an internal alert on April 17, 2019.

If the unauthorized access started as early as August 2010, why was it only detected  in April 2019?  

Dominion National is investigating this with the assistance of FireEye Mandiant, a cyber security firm.

Who is affected?

Dominion National has made a comprehensive review of the data stored or potentially accessible from the affected computer servers. It determined that the data may include enrollment and demographic information for current and former members of Dominion National;current and former members of plans for which Dominion National administers dental and vision benefits, and personal information pertaining to plan producers and participating healthcare providers. 

What information was potentially involved?

The information varied by individual, but may include names in combination with addresses, email addresses, dates of birth, Social Security numbers, taxpayer identification numbers, bank account and routing numbers, member ID numbers, group numbers and subscriber numbers.

Have they received any reports that an individual’s information has been misused?

Dominion National has no evidence that any information was in fact accessed, acquired, or misused and has not received any reports that it was.

Was law enforcement notified?

Dominion National contacted the FBI and will continue to work with them.

Who was responsible?

Dominion National’s investigation was unable to determine who, if anyone, may have accessed member information.  

What steps did Dominion National take in response to this incident?

Upon learning of the potential unauthorized access on April 24, Dominion National moved to clean the affected servers and implemented enhanced monitoring and alerting software. Dominion National continues to work with the FBI with its investigation.

How will Dominion National protect consumer information moving forward?

Dominion National is offering a two-year membership to ID Experts® MyIDCare™, which includes credit monitoring and fraud protection services. Enrollment is available at https://ide.myidcare.com/dominionnational

Where can I go to learn more?

Visit DominionNationalFacts.com or contact Dominion National’s dedicated call center at 877-503-8923. TTY/TDD users can call 844-261-6819. The incident response line is open from 8 a.m. to 8 p.m. Eastern time on weekdays Monday to -Friday, 8:00 a.m.- 8:00 p.m., Eastern Time.