The recent hacking incident at Henry Schein has left many in the dental industry feeling uncertain and concerned. While the full extent of the breach remains unclear, the fact that, as of today, October 24th, their website has been offline for more than a week is alarming. Henry Schein has stated they are actively investigating the matter, and it’s unclear what data and information has been compromised. Though we await further details, it’s crucial to act now to safeguard your practice and personal information. Here are some protective measures you can take:
Alert your team about the Henry Schein hack and urge them to be vigilant against suspicious emails, particularly those asking for sensitive details. Hackers, after infiltrating a vendor, may access data such as order histories, contact points, or even just the knowledge that you’re a Henry Schein customer. Such information can be exploited to send phishing emails, calls, and texts targeting your practice.
To safeguard against phishing attempts, adopt the following best practices:
Remind your team to scrutinize emails, especially those appearing to be from Henry Schein, that request payments, gift cards, or confidential information.
Update any potentially compromised passwords that you used in Henry Schein systems. If you’ve reused these passwords on other sites, change them there as well. Encourage your team and anyone who might be affected to do the same. As an added security measure, activate Multi-Factor Authentication (MFA) where possible. MFA is a security protocol that requires users to provide two or more verification methods before accessing an account. This means that even if hackers obtain your password, they’d still need another form of verification—like a texted authentication code — to gain access. It’s a robust way to protect your accounts, even in the face of successful phishing attempts or password breaches.
When changing your passwords, it’s crucial to prioritize security and diversity. Avoid using obvious choices like ‘password123’ or personal details like the practice name. Instead, opt for a mix of upper and lower case letters, numbers, and symbols to increase complexity. A longer password, ideally 12 characters or more, adds another layer of defense and makes it harder for hackers to guess your password. Always use unique passwords for each site; this ensures that even if one gets compromised, your other accounts remain safe. Juggling multiple intricate passwords can be daunting, that’s where password managers like 1Password or Dashlane come in handy. These tools not only generate strong passwords for you but also securely store them. By remembering just one robust password for the manager, you gain access to all your credentials without compromising on security.
After a hack, attackers may have access to a treasure trove of personal and financial information. With these details, they could impersonate you, open new credit lines in your name, or make unauthorized purchases.
Remember, staying vigilant and proactive is the key to guarding against identity and financial fraud, especially in the aftermath of a security breach.
It’s crucial to keep all your devices, applications, antivirus software, security systems, and especially web browsers up-to-date. Those seemingly pesky updates, like the Windows ones, are designed to shield you from threats. A large portion of cyberattacks exploit known system vulnerabilities that updates could prevent. Following a significant breach like the Henry Schein hack, it’s also wise to consult with your IT company. Ask them to implement additional precautions and bolster monitoring. With your practice potentially in hackers’ crosshairs in the coming weeks, reinforcing defenses becomes even more essential. After all, you hold sensitive patient information, and it’s paramount to safeguard that data.
While the situation at Henry Schein unfolds, it’s a timely reminder of the importance of cybersecurity. Take these steps to protect your practice and stay informed as more details emerge.