If you’re reading this, something worth knowing just happened.
TODAY’S TECH ALERT
🦷 Open wide. The hackers did.
Image: ChatGPT/Kim Komando
⚡ TL;DR
A criminal crew called ShinyHunters broke into DentaQuest, one of the biggest dental benefits administrators in the country, and dumped 2.6 million people’s personal data online after the company refused to pay up.
Names, home addresses, phone numbers, birth dates, government IDs, health insurance details and Medicaid IDs are sitting on the open internet.
DentaQuest runs coverage for Medicaid and Medicare Advantage in all 50 states. If you or someone you love has ever been on either one, keep reading.
📖 Read time: 2 minutes
Never heard of DentaQuest? They’ve still got a file on you.
If you’ve ever had Medicaid, Medicare Advantage or dental coverage through work, odds are good DentaQuest has your information. Name, phone number, home address, birth date, government-issued ID, health insurance details, Medicaid ID. The whole folder.
Now it’s public.
ShinyHunters slipped in, walked off with more than 234 gigabytes of data and gave DentaQuest a choice: Pay up, or we post all of it. DentaQuest didn’t pay. ShinyHunters posted. More than 2.6 million accounts are out in the open for anyone to grab.
DentaQuest confirmed the breach on June 2. The official statement called it “unauthorized access to a limited portion of our network.” That “limited portion” held 2.6 million people’s personal information. So there’s that.
🦷 Why this one bites harder
A stolen credit card is a headache. But you cancel it and move on.
This is worse. Your name, address, birthday, ID and health insurance info bundled together are the exact tool kit a crook needs to open credit in your name, file fake insurance claims or call your doctor’s office pretending to be you.
And here’s the part nobody’s saying out loud. A big chunk of those 2.6 million people are on Medicaid or Medicare, which means many are on fixed incomes or government assistance. They have the least protection and the hardest road back when an identity gets stolen.
ShinyHunters isn’t slowing down either. This year alone, the group’s been tied to attacks on Carnival, 7-Eleven, ADT, Zara and dozens more. The playbook never changes. Get in through one weak spot. Take everything. Set a deadline. When the company won’t pay, the data goes public.
This time, the data is yours.
🔒 Do these four things today
Freeze your credit. The single most effective move there is. Lock it down for free at all four bureaus: Equifax, Experian, TransUnion and Innovis, the fourth one most people forget. Nobody opens an account in your name while your credit is frozen. My step-by-step guide is here.
Watch your medical mail. Medical identity theft shows up in the explanation of benefits from your health insurance company. Something looks off? Billed for care you never received? Call your insurer right away. On Medicaid? Loop in your state Medicaid office, too.
Trust nothing that comes next. Scammers buy breach lists the minute they drop. Expect calls, texts and emails that use your real name and address. That’s not proof they’re legit. That’s proof they bought the list.
Kill your reused passwords. Start with any accounts tied to insurance or a health portal, plus any sharing a password with those. Reusing one password everywhere? Consider this your wake-up call. I use NordPass to spin up strong passwords no hacker can crack. You remember one master password, and it handles the rest. Grab my deal for $1.43 a month.*
There’s no such thing as a company too boring to hack. Your dentist’s billing department just proved it.
📩 Know someone on Medicare or Medicaid? Forward this. Their smile and their identity will thank you.
* That’s a sponsor link. I only recommend tools I actually use.
Photo credit(s): ChatGPT/Kim Komando