HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Zest Dental Solutions Alerts Customers to Payment Card Information Breach

Carlsbad, CA-based Zest Dental Solutions has discovered an unauthorized individual has gained access to its e-commerce system and potentially stole the credit card details of some of its customers.

A number of customers reported receiving unusual emails containing information related to past Zest Dental Solutions purchases. The complaints prompted an investigation and an external cybersecurity firm was brought in to conduct a thorough analysis of the company’s systems. On February 16, 2017, it was confirmed that the company’s e-commerce system had been breached.

That system contained credit card numbers, CVV codes, expiry dates, customers’ names, addresses, and phone numbers. Individuals affected by the security incident had previously made purchases through the website between December 13, 2013 and September 21, 2014 or between November 2, 2016 and February 4, 2017. The breach also impacts customers who purchased items prior to the company changing its name from Zest Anchors.

Since credit card details may have been stolen, affected individuals are at risk of experiencing credit card fraud and should take precautions to secure their accounts. Customers have been told to carefully monitor their credit card statements for any sign of fraudulent activity.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

While affected individuals have not been offered credit monitoring services, they may be refunded any reasonable fraudulent charges that are not reimbursed by their credit card providers.

Website breaches are a major concern for any organization that operates an e-commerce website. It is essential that regular scans are performed to check for any potential malicious activity and to implement security measured to keep sites secured.

In response to the security breach, Zest Dental Solutions has improved security on its e-commerce site and will be switching to an alternative card payment processing system. Additional security controls have also been added to the site to better protect customers’ sensitive information in the future.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.