Dr. Doug’s Pediatric Dentistry reports data security incident

Dr. Doug’s Pediatric Dentistry has disclosed a data security incident after detecting unusual activity in an employee email account in September 2024, prompting an investigation and subsequent patient notifications.

The dental practice said the suspicious activity was limited to a single email account, which was immediately secured with a password reset. An outside investigation could not determine whether emails in the account were accessed without authorization, but confirmed that no other systems or networks were affected.

As a precaution, Dr. Doug’s conducted a review of the account to identify whether patient information was present and to verify contact details for notification. That review was completed in June 2025, at which time letters were mailed to potentially affected individuals.

The information at risk includes names, dates of birth, diagnosis or dental treatment details, and Medicaid or dental insurance information. In a small number of cases, Social Security numbers or driver’s license numbers may also have been exposed. The practice has reported the incident to regulators, though it has not yet appeared on the U.S. Department of Health and Human Services’ Office for Civil Rights breach portal, leaving the number of individuals impacted unclear.

Dr. Doug’s said it has enhanced the security of its email systems and established a toll-free call center for patients seeking more information. Representatives are available Monday through Friday from 7 a.m. to 7 p.m. Mountain Time at 833-594-5308.