Advantage Dental, a Redmond-based provider that serves low-income patients at more than 30 clinics in Oregon, announced Monday an intruder had breached its internal membership database in late February and accessed information on more than 151,000 patients.

Compromised data included names, Social Security numbers, birthdates, phone numbers and home addresses, but not treatment or financial information. So far, no patients have reported their information was used for criminal activity, but Advantage says it’s covering the cost of an identify theft monitoring service for those affected and is working with law enforcement to determine the scope of the incident.

Jeff Dover, Advantage’s compliance manager, said the theft occurred when malware gained access to an Advantage employee’s computer and obtained a username and password that allows access to the membership database, which is separate from the database that contains financial and treatment information.

All Advantage computers are equipped with anti-virus software, but sometimes software does not detect new variations of a virus, he said.

“Unfortunately this happened,” he said. “What you can do is be as transparent as you can, take responsibility for it, learn from it and then move on.”

The intruder accessed the information between Feb. 23-26, when Advantage’s internal IT specialists detected the security breach. Dover said Advantage’s robust, in-house IT team allowed it to identify the breach quickly.

“In other situations, hackers are running around in these databases for months on end,” he said.

Advantage is working to notify the affected patients. According to its website, Advantage serves nearly 250,000 patients per year, but Dover said the database that was breached contains 1.5 million total records. It has also reported the incident to the Oregon Attorney General’s office, the Oregon State Police and the U.S. Secret Service, Dover said. There are no suspects at this time.

Among the changes Advantage has made to prevent future breaches is no longer allowing access to its internal patient database from computers that are not within Advantage clinics or its headquarters in Redmond. It also controls the Internet sites its employees are able to use, although there is no indication the employee whose computer had malware was “surfing nefarious websites,” Dover said. The company also requires employees change their passwords regularly and tracks all the traffic that comes into its database.

Mosaic Medical, a community health center that serves low-income patients in Central Oregon, reported a security breach Thursday. In that situation, the personal information — including insurance information, phone numbers and email addresses — of more than 2,200 patients may have been accessed during an overnight break-in at a temporary administrative office in Bend, where patient records are being stored.

Security breaches are new for Advantage, Dover said, but hackers are constantly trying to gain access to health care providers.

“Ninety-nine point nine percent of them are rebuffed, but you always have that one out of however-many that actually gets through,” he said.

— Reporter: 541-383-0304,

tbannow@bendbulletin.com