In an attempt to update dental procedure codes, the American Dental Association may have inadvertently infected thousands of dental offices across the United States with malware.
As part of a mailer sent to ADA members, the thumb drives were intended to contain codes that offices use to keep track of procedures for billing and insurance purposes. Upon closer inspection, it was discovered that the code in one of the files tried to open a web page that is known to distribute malware, allowing thieves to take control of a Windows-based computer.
The manufacturing of the USBs was subcontracted by an ADA vendor to a company in China. Of the 37,000 devices mailed, it appears that only a small percentage are infected. It’s believed that one of the duplicate machines used by the manufacturer became infected some time during production, infected the ADA’s clean disk image, and then passed it on to the devices. While they did perform random quality assurance testing, no infected USB was found.
With more than 159,000 members, the ADA has decided to review how it distributes materials in the future. Any dental office who received a mailer should not use the thumb drive and dispose of it. If you would like a digital copy of the 2016 CDT manual, the ADA has made it available in PDF format through their website.