Delta Dental Hit with 7 Million User Data Breach in MOVEit-Linked Attack

Since its emergence in May 2023, the MOVEit vulnerability has been exploited by the Russian-linked Cl0p ransomware gang, revealing their involvement in the breach.

According to a data breach notification, the Oak Brook, Illinois, United States-based dental insurance provider Delta Dental has fallen prey to a sophisticated cyberattack orchestrated through the exploitation of a zero-day flaw in MOVEit Transfer.

The notorious Russian-linked ransomware syndicate, known as Cl0p, is behind the breach, compromising the private information of nearly seven million customers. can confirm that the Cl0p ransomware gang has indeed released the entire dataset on its dark web domain, making it available for public download through a torrent.

Delta Dental Hit with 7 Million User Data Breach in MOVEit-Linked Attack
Screenshot of the Torrent link (Credit:

Delta Dental’s internal investigation concluded on July 6, has shed light on the severity of the incident. The cybercriminals successfully infiltrated and exfiltrated sensitive data belonging to Delta Dental of California and its affiliated entities on the MOVEit platform during the window between May 27 and May 30.

The severity of the situation prompted the company to promptly file a breach notification (PDF) with the Maine Attorney General, officially documenting the security incident on December 14, 2023.

The exposed information encompasses a trove of personal and highly sensitive details, presenting a significant risk to the affected individuals. Among the compromised data are names coupled with a combination of addresses, Social Security numbers, driver’s license numbers, or other state identification numbers, passport details, financial account information, tax identification numbers, individual health insurance policy numbers, and various health-related information.

This breach not only poses a threat to the privacy and security of Delta Dental’s customers but also raises concerns about the potential misuse of the stolen data. With the involvement of the Cl0p ransomware syndicate, known for its aggressive tactics, the aftermath of this breach could extend beyond typical data exposure scenarios.

Delta Dental is now faced with the daunting task of mitigating the fallout from this significant security incident. As the affected customers grapple with the potential ramifications of identity theft and financial fraud, cybersecurity experts emphasize the urgency of implementing robust measures to safeguard sensitive information.

In a comment to, Claude Mandy, Chief Evangelist of Data Security at Symmetry Systems, expressed empathy for the victims and cautioned them about potential phishing attacks that they may encounter.

“My thoughts are with the impacted patients from the incident, who are slowly finding out what information has been exposed. While the majority of the information is fungible and easily replaced with little impact, it still requires continual vigilance from the impacted parties to avoid further impact, whether monitoring financial accounts, and credit scores or being extra vigilant for phishing,” said Claude.

The recent data breach is concerning for Delta Dental and its customers. It underscores the importance for companies to promptly apply patches and secure their infrastructure. This breach highlights the exploitation of vulnerabilities in Ipswitch INC’s managed file transfer software, MOVEit Transfer, by groups like Cl0p.

So far, numerous organizations, spanning government agencies, airlines, educational and financial institutions, as well as healthcare providers, have fallen victim to the MOVEit-linked data breach. The compromised data includes sensitive information such as credit card numbers, Personally Identifiable Information (PII), and Social Security Numbers (SSNs).

  1. 900 U.S. Schools Hit by MOVEit Hack, Exposing Student Data
  2. Massive MOVEit Hack: 630K+ US Defense Officials’ Emails Breached
  3. UK’s Ofcom confirms cyber attack as PoC exploit for MOVEit is released
  4. Sony Data Breach via MOVEit Vulnerability Affects Thousands in the US
  5. Okta Breach Linked to Employee’s Google Account, Affects 134 Customers
Related Posts