Between May 7 and July 9, 2023 [1], the Alberta Dental Service Corporation (ADSC) experienced a ransomware attack that compromised the personal information of approximately 1.47 million individuals. This incident has significant implications for both the affected individuals and the ADSC.


The breach was discovered on July 9 when an unauthorized third party gained access to ADSC’s IT infrastructure and deployed malware [1], temporarily encrypting specific systems and data [1]. Despite countermeasures taken to secure the network [1], the intruder was still able to access and copy a portion of the data before deploying the malware [1]. The breach impacted three specific groups and included names, addresses [2] [3], and personal banking information for at least 7,300 individuals [2] [3]. ADSC promptly notified those affected and is providing credit monitoring services for two years [2]. Additionally, the privacy commissioner [2], Alberta government [2], and law enforcement have been informed [2], and cybersecurity experts have been called in to contain the incident and conduct a forensic investigation. ADSC has also provided guidance on remaining vigilant for those potentially affected [2].


The breach of the ADSC’s IT infrastructure has had significant impacts on both the affected individuals and the organization itself. The compromised personal information poses a risk of identity theft and financial fraud for the affected individuals. ADSC has taken steps to mitigate the impact by offering credit monitoring services for two years. However, the incident highlights the need for enhanced cybersecurity measures and increased vigilance in protecting sensitive personal information. Moving forward, it is crucial for organizations to invest in robust security systems and protocols to prevent similar breaches in the future.