What You Need to Know about the Delta Dental Data Breach

Delta Dental is a dental insurance provider serving over 90 million Americans. It offers coverage in all 50 states, Puerto Rico, and Washington, D.C. The company was established in 1966 in California as part of the Delta Dental Plans Association. It currently has a network of 39 independent Delta Dental companies with almost 3,000 employees.

Apart from the recent Data Breach suffered by Delta Dental, the company was also a victim of a data breach in December 2023 in which bad actors exploited a vulnerability within MOVEit, the company’s file transfer solution/software program. Over 7 million persons were reportedly affected in that breach.

In Early December 2024, a new Delta Dental data breach reportedly exposed over 802,000 records. While the details are still sketchy, the breach is said to have exposed data of certain employees at Etsy, Coca-Cola, Paypal, and several others. Data exposed in the breach included names, insurance providers, phone numbers, home addresses, degrees, and hospital names of the affected individuals.

When Was the Delta Dental Data Breach?

The most recent Delta Dental data breach became public knowledge on December 4, 2024, when the affected records began circulating online on large data breach forums. According to some reports, this information may have been circulating in other parts of the dark web before it became public on December 4, 2024. Delta Dental has identified the data breach as resulting from MOVEit, a file transfer service that exposed data from several organizations in 2023.

How to Check If Your Data Was Breached

If you are concerned that your information may have been compromised in the Delta Dental data security incident as a policyholder with the company, you may check with certain online services like Atlas Privacy’s Databreach.com. Such services permit users to search by names or phone numbers.

Generally, Delta Dental will most likely send notification letters to affected individuals detailing the information or data compromised in the breach and recommended actions to be taken afterward. However, while waiting for this to happen, you may keep monitoring your phones for an unusual influx of spam text messages that may only indicate one thing - an exposed phone number.

What to Do If Your Data Was Breached

If you have reasons to believe your record was compromised in the December 2024 Delta Dental data security incident, you should take some proactive steps to protect yourself. For instance, you should reset your passwords and change your phone numbers (if possible) across various online platforms. In addition, you may contact each of the three leading credit bureaus in the United States, Equifax, TransUnion, and Experian, to freeze your credit. This will prevent the unauthorized opening of cards or other lines in your name using information exposed in the data breach.

Furthermore, if your state law permits, you may opt out of data collection by contacting the services you and instructing them not to collect your data for third-party use. Similarly, you may request to have data held by services you no longer use deleted immediately. You should also keep close tabs on your credit by looking out for unusual activities.

Delta Dental is expected to notify individuals affected by the data breach with written letters. If you receive one, make sure to read the letter carefully, understand the details, know what data was exposed, and take all the steps recommended by the company.

Are There Any Lawsuits Because of the Data Breach?

No. While there were several class actions as a result of data security incidents suffered by Delta Dental in the past, no lawsuits have been filed in relation to the December 2024 data breach as of mid-December 2024.

Can My Delta Dental Information Be Used for Identity Theft?

Yes. Data of individuals compromised in the December 2024 Delta Dental data breach may be used for identity theft if they fall into the wrong hands. Personally identifying information such as names, phone numbers, and home addresses were exposed in the data security incident and could potentially be used by scammers for identity theft. For example, fraudsters could use such information to access victims’ online accounts, open new accounts, take out loans in victims’ names, or apply for new credit cards. Sometimes, they may sell such data on the dark web.

What Can You Do to Protect Yourself Online?

Generally, companies keeping databases of consumer information like Delta Dental strive to protect such data using various administrative, physical, and electronic means. However, none of these methods of protection is 100% secure. As an individual, you have a responsibility to safeguard yourself and your information online. You can do this using any of the following tips:

• Learn to keep your personal data. Avoid posting information that may suggest your online profile passwords on your social media accounts, as cyber criminals may figure out your passwords using such data. In addition, you should lock down the privacy settings in your online accounts.
• Always set strong passwords on your online profiles. A strong password is at least eight characters long and contains a mix of numbers, special characters, and lower- and uppercase letters. Also, avoid sharing your passwords with anyone or writing them down in your diary or other places.
• Be cautious when connecting to public Wi-Fi networks. Essentially, avoid sending sensitive information or data over public networks and ensure to protect your home network with a password.
• In order to monitor changes to your credit file, you should enroll in a credit monitoring service. 
• Always review your credit reports and financial accounts for suspicious activity or unusual charges. 
• If you must shop online, make sure to do so on websites that use secure technology. You can identify them by the “https” at the beginning of such web addresses and the tiny locked padlock symbol on the webpage.
• Keep your internet devices, including mobile devices and computers, up to date with the latest security software and operating systems. These things are updated regularly to provide defense against malware, viruses, and several other cyber threats, which in turn protect your data online. Configuring your devices to automatically receive and download the latest updates is highly recommended. You may also install reliable antivirus software to protect your devices from malicious malware.
• Stay current by regularly updating your knowledge of cybersecurity and the latest tactics employed by cyber criminals with education resources offered by websites like IDStrong.
• Beware of phishing scams that use fraudulent websites and emails to deceive unsuspecting persons into revealing login information or credentials of private accounts. If you receive an email from an unfamiliar or suspicious source, do not open any attachments or links.
• Where possible, enable two-factor authentication (2FA) on your online accounts to add an extra layer of security to those accounts.
• Use a unique email address for each of your online accounts. While doing this requires a high level of organization, it is a great way of keeping the identity associated with each online account or profile separate.