Tieu Dental Corporation, operating oral surgery practices in Campbell and Morgan Hill, California, reported unauthorized network access that potentially exposed sensitive patient data including Social Security numbers, medical records, and treatment plans.

The breach occurred on July 28-29 and was reported to the California Attorney General on March 5, 2026. Compromised data categories include full names, dates of birth, Social Security numbers, medical records, treatment plans, prescriptions, and health insurance information — essentially a complete patient identity and health profile.

While no evidence of actual data misuse has been found, the scope of exposed information creates significant identity theft and medical fraud risk for affected patients. The eight-month gap between the breach and the public disclosure raises questions about notification timelines.

Dental practices remain attractive targets for cybercriminals precisely because they store both financial identifiers (SSNs, insurance data) and protected health information in systems that often lack enterprise-grade security. Practices should audit their network access controls, implement multi-factor authentication, and ensure their cyber liability insurance covers breach notification and credit monitoring costs.

Read the full article →