On July 1, 2024, Core Dental Health posted a notice on their website about a data security incident that may have involved some Protected Health Information (PHI) of some patients, that has been exposed and potentially stolen. Their Information Technology (IT) Managed Service Provider (MSP) notified the company on April 24, 2024, regarding unusual activity detected within its network. Subsequent investigation revealed that an unauthorized individual gained initial access to the network around March 14, 2024, and proceeded to make configuration modifications. Examination of logs indicated unauthorized access to a data folder housing sensitive and confidential data, including names, dates of birth, dental treatment histories, and social security numbers on a limited number of patient files. Additionally, following this incident, they have reached out to the Federal Bureau of Investigation (FBI), hired external forensic specialists, and are partnering with a cyber security consultant for further investigation into the cyber attack. The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) was also notified of the incident through their breach portal, where it was disclosed that 2,349 individuals were affected.

Core Dental Health is a leading dental institution in Oak Ridge, Tennessee, that provides high-quality dental care to patients of all ages. They offer a variety of services, ranging from routine cleanings and exams to advanced procedures, all aimed at ensuring optimal oral health for their patients. Their primary focus is on preventive care and patient education, with the goal of helping patients achieve and maintain healthy smiles for life.

Dr. Jesse Ellsworth, the top dentist at Core Dental Health, emphasizes the importance of safeguarding personal health information. He stated, “We take the protection of the privacy and security of your personal health information very seriously.” He further stated, “We carefully reviewed our internal data management and protocols and have already implemented enhanced security measures to help prevent this type of incident from reoccurring.” He added, “In the abundance of caution and to help relieve concerns and restore confidence following this incident, we are offering free credit monitoring and identity theft protection services to all potentially-affected individuals.”