Data Breach Tracker

Dental data breaches are accelerating

Every breach represents a real dental practice facing fines, lawsuits, and patients who may never come back. Here's what's happening, why, and how to prevent it at your practice.

$6.6M+

OCR fines in 2025

$10.93M

Avg healthcare breach cost (IBM 2024)

$250+

Avg cost per exposed record

198K+

Patient records in recent tracked incidents

Recent incidents

Two of the more instructive dental data breaches from recent enforcement.

Chord Specialty Dental Partners

173,000 patients affectedVector: Unauthorized network access

Takeaway: Multi-location groups are a high-value target. One shared back-office server can expose every location simultaneously. Practice isolation and per-record encryption keys are the first line of defense.

Rinehart Dentistry

25,000 patients affectedVector: Ransomware / credential compromise

Takeaway: Ransomware continues to be the #1 vector for independent practices. MFA on every account and encrypted backups are non-negotiable.

How Intake.Dental prevents these failures

Six protective layers shipped on every Intake.Dental account.

Dual-layer encryption

Every PHI field gets its own AES-256-GCM data encryption key, optionally wrapped in our Glyph Cipher polyglottal layer. If one record is ever exposed, the rest of the database stays dark.

Ransomware resistance

Per-record encryption keys mean a server compromise doesn't equal a database compromise. Attackers have to break each record individually.

Phishing protection

Role-based access control, MFA, and automatic session timeout on every account. Staff can only see the data their role actually needs.

Complete audit trails

Append-only timestamped access logs with IP and user identification on every PHI read and write. Exportable for your own compliance audits.

Practice isolation

Tenant-specific encryption and row-level security mean no practice can ever see another practice's data — even in a worst-case application bug.

BAA + 72-hour incident response

Signed Business Associate Agreements with every practice and a 72-hour incident notification runbook built into our on-call rotation.

Hardening your own practice

✓Encrypt data at rest and in transit — no exceptions
✓Implement multi-factor authentication on every account that touches PHI
✓Keep software and firmware patched on every endpoint
✓Train staff on phishing — most breaches start with a bad click
✓Only use HIPAA-compliant vendors with executed BAAs in place
✓Document an incident response plan and rehearse the 72-hour notification timeline

Read our full HIPAA compliance approach

Recent incidents

Two of the more instructive dental data breaches from recent enforcement.

Chord Specialty Dental Partners

173,000 patients affectedVector: Unauthorized network access

Rinehart Dentistry

25,000 patients affectedVector: Ransomware / credential compromise

Takeaway: Ransomware continues to be the #1 vector for independent practices. MFA on every account and encrypted backups are non-negotiable.

How Intake.Dental prevents these failures

Six protective layers shipped on every Intake.Dental account.

Dual-layer encryption

Every PHI field gets its own AES-256-GCM data encryption key, optionally wrapped in our Glyph Cipher polyglottal layer. If one record is ever exposed, the rest of the database stays dark.

Ransomware resistance

Per-record encryption keys mean a server compromise doesn't equal a database compromise. Attackers have to break each record individually.

Phishing protection

Role-based access control, MFA, and automatic session timeout on every account. Staff can only see the data their role actually needs.

Complete audit trails

Append-only timestamped access logs with IP and user identification on every PHI read and write. Exportable for your own compliance audits.

Practice isolation

Tenant-specific encryption and row-level security mean no practice can ever see another practice's data — even in a worst-case application bug.

BAA + 72-hour incident response

Signed Business Associate Agreements with every practice and a 72-hour incident notification runbook built into our on-call rotation.

Hardening your own practice

✓Encrypt data at rest and in transit — no exceptions

✓Implement multi-factor authentication on every account that touches PHI

✓Keep software and firmware patched on every endpoint

✓Train staff on phishing — most breaches start with a bad click

✓Only use HIPAA-compliant vendors with executed BAAs in place

✓Document an incident response plan and rehearse the 72-hour notification timeline

Dental data breaches are accelerating

Recent incidents

Chord Specialty Dental Partners

Rinehart Dentistry

How Intake.Dental prevents these failures

Dual-layer encryption

Ransomware resistance

Phishing protection

Complete audit trails

Practice isolation

BAA + 72-hour incident response

Hardening your own practice

Dental data breaches are accelerating

Recent incidents

Chord Specialty Dental Partners

Rinehart Dentistry

How Intake.Dental prevents these failures

Dual-layer encryption

Ransomware resistance

Phishing protection

Complete audit trails

Practice isolation

BAA + 72-hour incident response

Hardening your own practice

Protect your patients before a breach forces the conversation

Legal