Dentist chain paid cyber criminals €2 million after ransomware attack: report

Dentist chain Colosseum Dental paid over 2 million euros in ransom to a criminal group that held its systems hostage, people involved told the Volkskrant. According to the newspaper’s sources, the cyber criminals shut down the dental organization, which has over 130 branches in the Benelux, with ransomware LV.

The hackers gained access to a lot of sensitive data from Colosseum Dental and its affiliates and threatened to make it public. Colosseum’s backup servers did not have all the data, leaving the organization with no other option than to pay the ransom, the sources said.

The company would not confirm the amount paid. “We do not make any announcements about this on the advice of our external advisers,” a spokesperson said. The spokesperson said they reported the matter to the police and the Dutch Data Protection Authority and that it seems the organization got all its data back. “Our current estimate is that we do indeed have all the data.

“Caring for our patients is our top priority, and that prompted Colosseum Dental to reach out to the cyber attackers and make agreements for the return and security of our data. Only in this way were we able to minimize the risk for all those involved in such a short period of time and restore the practice relatively quickly,” the organization said on its website.

The ransomware attack shut down the 120 Colosseum practices in the Netherlands last week. Most will be open again this week. “We deeply regret that this cyber attack has disrupted our duty of care for our patients so seriously,” the company said.

According to the Volkskrant, the cyber attackers used LV ransomware, a relatively new type of ransomware believed to stem from REvil - ransomware from a Russian criminal group that sold the software to other hacker groups.