Pierluigi Paganini August 30, 2019

The company behind DDS Safe solution used by hundreds of dental offices was hit by a ransomware attack and it is working to restore access to client data.

PerCSoft is a cloud management provider for Digital Dental Record (DDR), that operates the online data backup service called DDS Safe.

DDS Safe, is a HIPAA Compliant 3 layered online dental backup system that provides dental offices triple the protection of traditional online back-up solutions.

The company provides back-up services to hundreds of dental practice offices across the United States, the solution allows safeguarding medical records and other patients’ information.

Unfortunately, the company was the victim of a ransomware attack and it is currently working to restore access to client data.

Systems at the company were likely hit by the Sodinokibi ransomware, also known as Sodin or REvil, on August 26.

“At 8:44 a.m. on Monday, Aug. 26, we learned that ransomware had been deployed on the remote management software our product uses to back up client data.” the Digital Dental Record said. “Immediate action was taken to investigate and contain the threat. Our investigation and remediation efforts continue. Unfortunately, a number of practices have been and continue to be impacted by this attack.”

“Another image shared by members of that Facebook group indicates the ransomware that attacked PerCSoft is an extremely advanced and fairly recent strain known variously as REvil and Sodinokibi.” wrote Brian Krebs.

“Making more and more progress on recoveries, in particular on ones where the decryption completed, but we needed to triage some of the program files, not data files, for the different software programs since they had been sitting idle with the encrypted data.” reads the statement published by the company. “The team is in good stride with those now and I want to send a special thanks out to the teams at Dentrix, Eaglesoft, Carestream, OpenDental, and XLDent. They have been great in this situation to help us resolve any of these issues as quickly as possible.”

The incident caused severe problems to some dental offices that were not able to access to the patient data, including charts, schedule, x-rays, or payment ledger.

According to Brian Krebs, who cited some sources, PerCSoft did pay the ransom to restore the encrypted files.

The company is currently using a decryptor tool that seems to have a good success rate.

“PerCSoft assures us it is working to restore files as quickly and completely as possible, but restoration is a slow and methodical process that could take several days to complete,” continues DDR.

The company reported the incident to the authorities that is currently investigating the attack.

Pierluigi Paganini

(SecurityAffairs – DDS Safe, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]