Was your personal information exposed in MCNA Dental’s 2023 data breach?You may be entitled to compensation for the insurer’s failure to adequately protect your sensitive information from hackers and identity thieves. 

Case Status
Practice Areas
Data Breach/Identity Theft and Privacy
U.S. District Court for the Southern District of Florida
Case Number
Managed Care of North America, Inc.
File Date


In February of 2023, cybercriminals gained access to MCNA Dental’s computer network and stole the personal information, including names, addresses, phone numbers, social security numbers, government-issued ID numbers, health insurance information, Medicare/Medicaid ID numbers, group plan names and numbers and information related to dental and orthodontic care provided, of nearly nine million people. The breach is the largest healthcare data breach in 2023 so far.


You may be affected if you are insured through MCNA Dental, which is the nation’s largest dental insurer for government subsidized Medicaid and Children’s Health Insurance Programs.


Data stolen in the breach includes:

  • Names
  • Social security numbers
  • Phone numbers
  • Addresses
  • Email addresses
  • Birth dates
  • Driver’s license numbers and other state-issued ID numbers
  • Group plan names and numbers
  • Medicaid/Medicare ID numbers
  • Bills and insurance claims
  • Information about dental and orthodontic treatments
  • Private medical information, including X-ray images

In some cases, according to reports, some of this data pertained to a patient’s “parent, guardian, or guarantor,” suggesting that children’s personal data was accessed during the breach.


According to reports, cybercriminals gained unauthorized access to MCNA Dental’s computer network between Feb. 26 and March 7, infecting the network systems with “malicious code” and extracting a hoard of sensitive personal data including social security and driver’s license numbers. A hacking group called LockBit made a $10 million ransom demand of the insurance company, and published the stolen files on its dark web page in April when the demand was not met. But cybersecurity experts warn that cybercriminals frequently attempt to sow doubt and confusion about their identities, and it is too soon to say definitively who is behind the attack.


People who are insured by MCNA must now take steps to protect themselves and mitigate the damages caused by the data breach. According to reports, identity theft is the most common consequence of a data breach and happens to about 65% of data breach victims. Consumers lost more than $56 billion to identity theft and fraud in 2020 alone, and over 75% of identity theft victims reported emotional distress.

Because MCNA did not protect its data properly, victims of the data breach will be forced to take all steps possible to mitigate damages caused by the breach. The insurer is offering one year of free credit monitoring to people affected by the breach, but Hagens Berman attorneys do not believe this is sufficient compensation for the lengths victims will have to go to protect themselves from bad actors, to say nothing of the stress and disruption to everyday life caused by an event like this.


MCNA Dental has a responsibility to protect the sensitive personal information and private medical data of its customers, many of whom are low-income or belong to other vulnerable populations. Its lax cybersecurity put them at high risk for identity theft and ongoing fear of financial and personal anguish, and Hagens Berman believes that consumers deserve swift and just recompense. The firm will investigate MCNA Dental for negligence and violations of state consumer protection laws and seeks to secure financial relief for the many consumers impacted by the breach.


Hagens Berman is one of the most successful plaintiffs’ law firms in the U.S. and has achieved more than $325 billion in settlements against some of the nation's largest corporations and other powerful entities. Hagens Berman is currently one of a select few firms chosen to lead the lawsuits against T-Mobile for its 2021 breach, in response to which the carrier has agreed to pay $350 million into a settlement fund for customers. The firm has also filed a case against T-Mobile on behalf of more than 37 million consumers whose data was compromised in a separate 2022 data breach.

Our legal team includes attorneys skilled in the area of data breach and security, including a former federal cyber-prosecutor and member of the Cyber and Intellectual Property Crimes Section in Los Angeles.


There is no cost or fee whatsoever involved in joining this action. In the event Hagens Berman or any other firm obtains a settlement that provides benefits to class members, the court will decide a reasonable fee to be awarded to the class's legal team. In no case will any class member ever be asked to pay any out-of-pocket sum.

Hagens Berman purchases advertisements on search engines, social media sites and other websites. Transmission of the information contained or available through this website is not intended to create, and receipt does not constitute, an attorney-client relationship. If you seek legal advice or representation by Hagens Berman, you must first enter a formal agreement. All information contained in any transmission is confidential and Hagens Berman agrees to protect information against unauthorized use, publication or disclosure. This site is regulated by the Washington Rules of Professional Conduct.