TL;DR: Delta Dental’s security programme is framed around business email compromise and invoice fraud, with controls designed to protect 80 million members across 39 independent companies operating in all 50 states, according to Abnormal AI. The case shows that at scale, identity and email governance have to be built around business workflows, not just perimeter controls.
NHIMG editorial — here’s why we think this discussion matters
By the numbers:
- Delta Dental serves more than 80 million members across the country.
- Delta Dental operates through 39 independent member companies in all 50 states.
Questions worth separating out
Q: How should security teams reduce vendor email compromise risk in finance workflows?
A: They should remove email as the sole trust signal for any payment or vendor-change action.
Q: Why do business email compromise attacks succeed even in well-run organisations?
A: They succeed because many organisations still treat routine communication as proof of authority.
Practitioner guidance
- Map fraud-sensitive approval chains: Identify invoice, vendor-change, and payment workflows that still trust email as an authority signal, then require a separate verification step before action is taken.
- Standardise verification across operating units: Apply the same out-of-band approval and validation rules across all independent companies, subsidiaries, or departments that share business relationships.
- Separate communication trust from payment authority: Ensure that the person who receives or forwards an email is never the only proof that a request is legitimate, especially for financial actions.
What to expect at the briefing
Abnormal AI's full webinar covers the operational detail this post intentionally leaves for the source:
- A walk-through of how Delta Dental prioritises business-driven security controls across large-scale member operations.
- Specific strategies for countering vendor email compromise attacks in complex approval environments.
- Practical tips for safeguarding patient data while maintaining a usable end-user experience.
- The security posture considerations that sit behind scalable protocols in a multi-entity insurance environment.
Vendor email compromise at Delta Dental: what IAM teams should note?