A ransomware attack has crippled an estimated 400 dental practices across the US.
“We have no access to the patient charts, schedule, x-rays, or payment ledger,” Shae Johnson, the Clinical Coordinator at Dentistry Design in McFarland, Wisconsin, told CNN. “The doctor cannot do proper treatment without a chart history and x-rays.”
Ransomware is a type of virus that locks up a computer and demands a payment for it to be unlocked.
On Tuesday, two Wisconsin companies that provide an online service to dentists’ offices, Percsoft and the Digital Dental Record, told their customers that the software they use to connect to individual offices had been infected with ransomware Monday morning. In periodic updates, they say they are working on a case-by-case basis.
“Essentially the restorations are ongoing,” Brenna Sadler, a spokeswoman for Digital Dental Record, told CNN. “It’s a very difficult, lengthy, methodical process. So it’s taking some time.”
About 400 practices were initially affected, Sadler said, and about 100 of those have since been restored.
“It had a devastating effect on our office,” said Paul Levine, a dentist who runs a private practice near Milwaukee. “Monday, Tuesday, Wednesday, until this morning when they got us up running, we were not able to see half of our patients because we were handicapped from taking x-rays. You can’t see an emergency patient without an x-ray. You can’t see a new patient without x-rays.”
While his office is able to see patients again, Levine told CNN, some of his computers are still infected.
“We’ve been able to work around that. I know there’s other offices that need to be up and running too,” he said.
The tech site ZDNet, citing an anonymous source, reported that the ransomware was from the Sodinokibi family — a common strain — and that the companies were able to decrypt their customers’ computers because they had paid off their attackers. Sadler told CNN she was unaware of the name of the strain or whether the companies had paid the ransom.
The number of publicly reported ransomware infections in the US actually went down in 2018 from 2017, but the number of known attacks against local government institutions went up, suggesting criminal hackers are prioritizing attacks against targets that have fewer resources for cybersecurity and whose content is vital to public interest.
While the FBI and other government agencies have resources available to report ransomware and to protect potential victims, there’s often little to be done once someone’s already been hit.
Digital Dental Record and Percsoft had, however, contacted the FBI, Sadler said.