DentaQuest A.I CyberSecurity Scoring
DentaQuest
Company Information
Website:https://www.dentaquest.com
Employees number:1,410
Number of followers:21,323
NAICS:62
Industry Type:Hospitals and Health Care
Homepage:dentaquest.com
DentaQuest Risk Score (AI oriented)
Between 600 and 649
DentaQuestHospitals and Health Care
Updated:
05/06/2026
05/06/2026
606/1000
Poor
Caa
DentaQuest Global Score (TPRM)
xxxx
DentaQuestHospitals and Health Care
Score locked

DentaQuestPoor
Current Score
606Caa (POOR)
01000
3 incidents
-56 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
606
JUNE 2026
606
Vulnerability
04 Jun 2026 • DentaQuest
Cisco: PoC Exploit Released for Cisco Unified Communications Manager Security Vulnerability
Critical SSRF Vulnerability in Cisco Unified CM Exploited via Public PoC
606
CRITICAL0
CIS1780568638
Critical SSRF Vulnerability in Cisco Unified CM Exploited via Public PoC
A proof-of-concept (PoC) exploit has been released for a critical server-side request forgery (SSRF) vulnerability in Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME), tracked as CVE-2026-20230. The flaw, rated 8.6 (High) on the CVSS v3.1 scale but classified as Critical by Cisco due to its potential for root-level privilege escalation, exposes vulnerable systems to remote exploitation.
The vulnerability arises from improper input validation in HTTP requests (CWE-918), allowing unauthenticated attackers to interact with internal services. By sending crafted HTTP requests, threat actors can perform SSRF attacks and write arbitrary files to the underlying OS, enabling privilege escalation and potential full system compromise. Exploitation is only possible if the Cisco WebDialer service disabled by default but active in some deployments is enabled.
The public release of the PoC exploit heightens the risk, as it provides attackers with a functional attack method. Security researchers confirm the exploit demonstrates SSRF-based file-writing capabilities, which could be used for persistence or further lateral movement, particularly in internet-facing or compromised internal networks.
Affected systems include Cisco Unified CM and Unified CM SME with the WebDialer service running. Administrators can check vulnerability status via the Cisco Unified CM Administration interface under Cisco Unified Serviceability > Control Center – Feature Services. If the Cisco WebDialer Web Service is marked as "Started," the system is exposed.
Cisco has released software updates to patch the flaw, with no official workarounds available. As a temporary mitigation, disabling the WebDialer service is recommended. Additional defensive measures include restricting access to management interfaces and monitoring for suspicious outbound HTTP requests or unauthorized file creation.
While no active compromises have been reported, organizations are urged to prioritize patching due to the high risk of exploitation and the potential for root-level access. The vulnerability underscores the urgency of securing enterprise communication systems against SSRF-based attacks.
INCIDENT DETAILS -
TYPE
IMPACT
REFERENCES
MAY 2026
661
Breach
26 May 2026 • DentaQuest
DentaQuest: DentaQuestData Breach?
ShinyHunters Claims Responsibility for Alleged DentaQuest Data Breach
605
CRITICAL-56
DEN1779855877
ShinyHunters Claims Responsibility for Alleged DentaQuest Data Breach
The cybercriminal group ShinyHunters has claimed responsibility for a suspected data breach targeting DentaQuest, a major U.S. dental and vision insurance provider. While neither DentaQuest nor its parent company, Sun Life U.S. Dental, has officially confirmed the incident, ShinyHunters has threatened to release stolen data on May 27, 2026, though specifics about the compromised information remain undisclosed.
Legal teams are investigating the breach to determine whether a class action lawsuit can be filed on behalf of affected individuals, including current and former DentaQuest subscribers. Potential claims could cover damages such as loss of privacy, time spent mitigating the breach, and out-of-pocket costs. Attorneys are seeking input from those who may have been impacted to assess the viability of legal action.
ShinyHunters, known for targeting high-profile organizations, has been linked to other breaches in 2026, though details of those incidents remain limited. The group’s involvement in the DentaQuest case underscores ongoing risks in the healthcare sector, where sensitive personal and insurance data remains a prime target for cybercriminals. Further updates are expected as the investigation progresses.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
APRIL 2026
660
MARCH 2026
658
FEBRUARY 2026
656
JANUARY 2026
654
DECEMBER 2025
652
NOVEMBER 2025
650
OCTOBER 2025
647
SEPTEMBER 2025
645
AUGUST 2025
643
JANUARY 2025
767
Ransomware
06 Jan 2025 • DentaQuest
DentaQuest: DentaQuest Data Breach Exposes Information of 2.6 Million People
DentaQuest Data Breach Exposes Personal and Health Data of 2.6 Million Individuals
624
CRITICAL-143
DEN1780676951
DentaQuest Data Breach Exposes Personal and Health Data of 2.6 Million Individuals
DentaQuest, a U.S.-based dental benefits administrator under Sun Life U.S., disclosed a data breach affecting approximately 2.6 million people. The incident was reported to the U.S. Department of Health and Human Services on January 6, 2025, with the company publishing a security update shortly after.
The breach involved unauthorized access to a portion of DentaQuest’s network, attributed to the ransomware group ShinyHunters. Exposed data included names, dates of birth, email addresses, genders, government-issued IDs, phone numbers, addresses, and health insurance information.
DentaQuest launched an investigation to assess the full scope of the compromise, which remains ongoing as of June 1, 2026. Despite the breach, the company stated its systems remained operational, with minimal disruption to client services. DentaQuest has pledged to provide updates and transparency to affected individuals.
No further details on remediation or preventive measures have been released.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for DentaQuest ??
What was DentaQuest's A.I Rankiteo Cyber Score in June 2026 ??
What was DentaQuest's A.I Rankiteo Cyber Score in May 2026 ??
What was DentaQuest's A.I Rankiteo Cyber Score in April 2026 ??
What was DentaQuest's A.I Rankiteo Cyber Score in March 2026 ??
What was DentaQuest's A.I Rankiteo Cyber Score in February 2026 ??
What was DentaQuest's A.I Rankiteo Cyber Score in January 2026 ??
What was DentaQuest's A.I Rankiteo Cyber Score in December 2025 ??
What was DentaQuest's A.I Rankiteo Cyber Score in November 2025 ??
What was DentaQuest's A.I Rankiteo Cyber Score in October 2025 ??
What was DentaQuest's A.I Rankiteo Cyber Score in September 2025 ??
What was DentaQuest's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on DentaQuest's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with DentaQuest ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view DentaQuest's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?