Exploit: Unauthorized Database Access
British Dental Association: Trade Union
Risk to Small Business: 1.866 = Severe
The British Dental Association informed its members that data on a “small fraction” of its membership was exfiltrated in late July. The statement was vague about the cause or impact, and the organization’s website has been down since the attack was reported on 7/30/20. The association is still working to restore its web, telephone, and internal networks following the security breach, and has notified the Information Commissioner’s Office.
Individual Risk: 2.219 = Severe
The organization does not store members’ card details but does hold account numbers and sort codes to collect direct debit payments. The BDA has urged its members to remain vigilant against identity theft or spear phishing attempts.
Customers Impacted: 22,000
How it Could Affect Your Customers’ Business: When an organization stores the financial information of its members in any capacity, that information needs to be protected – and members need to have confidence in the security of their personal and financial data on file, especially in professional groups or trade unions.