British Dental Association website hit by cyber-attack
LONDON, UK: The British Dental Association (BDA) has temporarily taken its website offline as a consequence of what the trade union has described as “a sophisticated cyber-attack”. The website attack occurred on 30 July, and the BDA is still investigating the motive, along with what information the hackers were able to obtain.
“We have been working hard, alongside a number of third‐party experts including forensic IT specialists, to determine the nature of the criminal activity,” a BDA spokesperson told Dental Tribune International (DTI). “At present we don’t know what information may have been compromised but we are working to conclude the investigations as soon as possible.”
In a message posted on the home page of its website, the BDA states that it has established contact with any members whose private information may have been compromised. Though the organisation is still investigating what data specifically was extracted, it did mention in an email to BDA members that “logs of correspondence and notes of cases” were likely to have been accessed. A spokesperson told the BBC that these notes were in connection to insurance claims, though the BDA does not maintain full dental patient files.
Cyber-attacks on the increase
Jamal Ahmed, CEO of Kazient Privacy Experts, told DTI that the attack was the latest in a spate of hacks that have occurred this year in the UK. “Over the last few months, we’ve seen more than 150 organisations across the UK become the victim of cyber-attacks, including schools, the National Trust and, now, the BDA,” he said.
Ahmed said that the risks of a data breach include identity theft and phishing attacks to gain more information and that dental professionals should, at the very least, cancel and replace their debit and credit cards immediately, as well as monitor their credit files for unfamiliar and suspicious activity. He added that, though the increase in cyber-attacks was “not specifically related” to the on-going SARS-CoV-2 pandemic, the outbreak of the virus meant that “far fewer people are in the office and so an attack on these kinds of systems might be less likely to be noticed immediately”.
Cybersecurity a growing point of concern
As outlined in an article published by DTI last month, intelligence agencies in both the UK and the US, along with executives at many hospitals and research centres, have cautioned that there has been a marked up-tick in cyber-attacks concentrated on the healthcare industry since the pandemic began.
Dental practices are a popular target for cybercriminals, since their databases generally contain a great deal of highly sensitive patient information, including names, health histories and even bank account details. This information can often prove to be highly valuable to those who steal it, though data protection regulations have meant that there are strict rules for how patient records, for example, are stored.
BDA on hand to answer questions
In the note on its home page, the BDA has provided the relevant email addresses and phone numbers via which it is able to provide initial support to members concerning regular enquiries.