DDS Safe, an online cloud-based data backup system that hundreds of dental practice offices across the United States are using to safeguard medical records and other information of their patients from ransomware attacks has been hit with ransomware.
Provided by two Wisconsin-based companies, Digital Dental Record and PerCSoft, the backend system of affected medical records retention and backup solutions has probably been hit by Sodinokibi ransomware, also known as Sodin or REvil malware.
Though it's not yet clear how attackers managed to compromise the company's infrastructure, the latest ransomware attack is yet another example of successful supply chain attack, crippling computer systems in 400 dental practice offices around the United States this week.
According to statements released by both companies, the ransomware virus hit a remote data management software on Monday, August 26, that DDS Safe uses to back up its client data and encrypted files of hundreds of dental practice customers relying on the backup solution.
The ransomware attack had some serious effect on some dental offices, with one McFarland dentist quoted by CNN as saying: "We have no access to the patient charts, schedule, x-rays, or payment ledger. The doctor cannot do proper treatment without a chart history and x-rays."
Ransomware virus typically encrypts all files on the targeted computers and then demands a ransom (usually in Bitcoins) in exchange for the decryptor from the attacker that helps the victims regain access to their important files.
At the time of writing, the company claimed to have a decryptor that they are using to help affected customers decrypt their files at a good rate of succession.
However, the official statements from the companies haven't particularly mentioned how they got their hands on the ransomware decryption software, suggesting that the unknown amount of ransom has been paid to the cybercriminals.
Meanwhile, the companies said they are actively working with the Federal Bureau of Investigation's Cyber Crime Unit to thoroughly investigate the incident, adding that they have been in touch with most of the affected customers, describing them as "only a small percentage of the affected practices."
This year has seen a rise in ransomware attacks against public infrastructure and government institutions, from where cybercriminals seek successful returns as most of the times the targeted organizations content is vital to the public interest.