On or around April 23, 2025, Delta Dental of Virginia (“DDVA”) discovered suspicious activity involving one email account and immediately initiated an investigation. DDVA engaged independent cybersecurity experts to assist with the process. The investigation determined that certain emails and attachments may have been accessed and acquired without authorization between March 21, 2025, and April 23, 2025.
DDVA has no evidence of misuse or attempted misuse of the impacted information. However, out of an abundance of caution, DDVA is notifying affected individuals and offering 12 months of complimentary credit monitoring services through TransUnion.
Delta Dental of Virginia is the largest dental benefits provider in Virginia, serving over two million members since 1964 and offering various dental and vision plans. The company provides a range of options for individuals and employers, including plans with different network sizes, costs, and benefits, and also partners with VSP Vision Care for integrated vision coverage.
Following the breach, DDVA implemented additional security measures and employee training to reduce the risk of future incidents.
If you received a Data Breach notification letter from DDVA, it confirms that your information was potentially impacted.
What information is involved in the Delta Dental of Virginia Data Breach?
Compromised information may include:
First Name
Last Name
Social Security Number
State or Federal Government-Issued ID Number
Protected Health Information (PHI)
Your Personally Identifiable Information (PII) includes details that can identify you, and organizations are legally obligated to safeguard this data. Failure to do so can result in statutory fines and other legal consequences. If PII is stolen, it may be exploited by criminals to commit identity fraud.
A specific category of PII is Protected Health Information (PHI), which pertains to personal medical data. PHI is protected under federal and state regulations. Entities such as healthcare providers and businesses that manage PHI must ensure its security. Just like PII, compromised PHI can be misused by identity thieves, and it’s common for cybercriminals to use both types of information together.
If your data has been exposed in a breach, one of the most effective steps you can take is to enroll in credit and identity monitoring services promptly.
Residents of California benefit from enhanced privacy rights under the California Consumer Privacy Act (CCPA) and medical privacy protections under the Confidentiality of Medical Information Act (CMIA). These laws grant additional rights and remedies for breaches involving personal and medical data.
If you received a NOTICE OF DATA BREACH letter from DDVA, your personal, financial, and/or medical information may be at risk. This type of data can be exploited by identity thieves to commit fraud and other crimes.
Contact the Data Breach Lawyers at Emery | Reddy, PC for a Free Case Review today.