Hundreds of dental practice offices in the US have had their computers infected with ransomware this week, ZDNet has learned from a source.
The incident is another case of a ransomware gang compromising a software provider and using its product to deploy ransomware on customers’ systems.
In this case, the software providers are The Digital Dental Record and PerCSoft, two Wisconsin-based companies who collaborated on DDS Safe, a medical records retention and backup solution advertised to dental practice offices in the US.
COMPANY PAID RANSOM DEMAND
Over the last weekend, a hacker group breached the infrastructure behind this software, and used it to deploy the REvil (Sodinokibi) ransomware on computers at hundreds of dentist offices across the US.
The security breach came to light on Monday, when dentists returned to work, only to find out they couldn’t access any patient information.
A source impacted by the ransomware tells ZDNet that the two companies opted to pay the ransom demand. The Digital Dental Record and PerCSoft have been sharing a decrypter with impacted dental offices since Monday, helping companies recover encrypted files.
The recovery process has been slow, as most ransomware recovery operations tend to be, with some dental offices claiming on a Facebook group that the decrypter either didn’t work, or didn’t recover all their data.
The Digital Dental Record and PerCSoft did not return phone calls or emails seeking additional information prior to this article’s publication.