Sonoma Valley Hospital (SVH) has begun notifying patients potentially affected by the theft of hospital records containing personal and medical information in a ransomware cyberattack on October 11, 2020 by what is believed to be a Russian “threat actor.” The event was part of a broader attack on hospitals across the country. SVH did not pay a ransom and promptly notified law enforcement.
Affected patients are being sent a letter providing details on the breach and explaining the resources available to them to safeguard their personal information, including recommendations regarding medical identity theft protection.
The hospital reports that a thorough investigation has determined that information about patients whose insurers were billed for services since 2009 may have been compromised. SVH estimates this potentially affects approximately 67,000 patients.
Based on the reports of the forensics analysts, the hospital said it does not believe patient financial information (such as credit card or social security numbers) was accessed, nor was patient information in the hospital’s electronic health record system.SVH said it is not aware of any misuse or attempted misuse of patient health information, and hospital forensics experts have searched for any potential redisclosures.
The affected patient records include health claims data sent to insurers electronically, including patient name, address, birthdate, insurer group number and subscriber number, as well as diagnosis or procedure codes, date of service, place of service, amount of claim, and secondary payer information.
“We deeply regret the incident and the concern it has caused to our patients,” said Kelly Mather, CEO. “The confidentiality of patient personal information is extremely important to us and we have involved experts to activate a series of enhanced security measures to improve information security and prevent further ransomware or cybersecurity attacks,” she said.
SVH said anyone with questions about the breach should call 1-877-374-2465. This line is available Monday through Friday from 6:00 a.m. – 3:30 p.m. Pacific Time.
Copy of Breach Notification LINK