Hundreds of dental practice offices in the US have had their computers infected with ransomware this week, ZDNet has learned from a source.
The incident is another case of a ransomware gang compromising a software provider and using its product to deploy ransomware on customers' systems.
In this case, the software providers are The Digital Dental Record and PerCSoft, two Wisconsin-based companies who collaborated on DDS Safe, a medical records retention and backup solution advertised to dental practice offices in the US.
Over the last weekend, a hacker group breached the infrastructure behind this software, and used it to deploy the REvil (Sodinokibi) ransomware on computers at hundreds of dentist offices across the US.
The security breach came to light on Monday, when dentists returned to work, only to find out they couldn't access any patient information. OUCH. Software supply chains are very much at risk. Here is a blog post that goes into more detail about this problem. KrebsOnSecurity has more detail as well.