MCNA, a US-based dental benefits manager, notified millions of clients about a data breach that exposed their government ID’s, Social Security numbers, and driver’s license details.
Attackers roamed MCNA systems for nearly two weeks in late February to early March this year, the company’s breach notification letter shows. The company only noticed unauthorized access on March 6th, even though first access to MCNA’s systems occurred as as early as February 26th.
“MCNA subsequently discovered that certain systems within the network may have been infected with malicious code. Through its investigation, MCNA determined that an unauthorized third party was able to access certain systems and remove copies of some personal information,” the company’s letter said.