Hundreds of dentist offices across the U.S. have been crippled by ransomware in the latest attack to target the healthcare industry.

The attacks appear to have started as early as June 24 with some reports of ransomware affecting dentists in July. But a more widespread attack targeting dentists occurred Aug. 26, according to security researcher Brian Krebs.

The recent attack targeted services from PerCSoft, a provider of technology solutions for the dental industry, and The Digital Dental Record, a provider of an online medical data backup service called DDS Safe. The two companies are related, with The Digital Record using PerCSoft for information technology services.

Roughly 400 dentists are said to have been affected with the Sodinokibi ransomware that encrypted files and demanded a ransom payment. In a statement today, The Digital Dental Record said that the “ransomware had been deployed on the remote management software our product uses to back up client data” and that “immediate action was taken to investigate and contain the threat.”

“The safety and security of the technology solutions we provide our clients is always our top priority,” the company said. “In conjunction with law enforcement, we are actively investigating the incident and will provide more information when we are able.”

The ransomware attack seriously affected dental offices. “It had a devastating effect on our office,” a Milwaukee dentist told CNN. “Monday, Tuesday, Wednesday, until this morning when they got us up running, we were not able to see half of our patients because we were handicapped from taking x-rays. You can’t see an emergency patient without an x-ray. You can’t see a new patient without x-rays.”

In what some may call an unfortunate twist if one becoming more common, ZDNet, quoting an unnamed source, said both companies opted to pay the ransom demanded in the attack. Both The Digital Dental Record and PerCSoft are said to be sharing a decrypter with impacted dental offices as well, which may have been provided by those behind the attack once the ransom payment was made.

Shawn Kanady, director of cybersecurity firm Trustwave Holdings Inc.’s SpiderLabs, Digital Forensics and Incident Response team, told SiliconANGLE that today not everyone is paying the ransoms, so attackers want to hit the institutions or companies that are going to hurt the most because they’ll be put in a position where they’ll have to pay.

“These types of institutions are put in a position where they have to pay because they have to get back to business because of who they’re serving,” Kanady said. “Healthcare organizations are critically vulnerable because they don’t always have the most up-to-date software and usually are short on IT expertise.”

Photo: U.S. Air Force