Posted on December 15, 2020 by Sonoma Valley Sun
Sonoma Valley Hospital has begun notifying the more than 65,000 patients whose medical information may have been stolen in an October 11 ransomware attack. The massive data breach, believed to be the work of Russian hackers, was one in a series of cyberattacks on hospitals across the country.
The hospital did not pay the ransom. Computer systems were shut down, and law enforcement called in.
Based on the reports of its forensics analysts, the hospital said it does not believe patient financial information such as credit card or social security numbers was accessed, nor was patient information in the hospital’s electronic health record system.
SVH said it is not aware of any misuse or attempted misuse of patient health information.
Affected patients are being sent a letter providing details on the breach and explaining the resources available to them to safeguard their personal information, including recommendations regarding medical identity theft protection.
“We deeply regret the incident and the concern it has caused to our patients,” said Kelly Mather, CEO. “The confidentiality of patient personal information is extremely important to us and we have involved experts to activate a series of enhanced security measures to improve information security and prevent further ransomware or cybersecurity attacks.”
The hospital reports that a thorough investigation has determined that information about patients whose insurers were billed for services since 2009 may have been compromised. SVH estimates this potentially affects approximately 67,000 patients.
The affected patient records include health claims data sent to insurers electronically, including patient name, address, birthdate, insurer group number, and subscriber number, as well as diagnosis or procedure codes, date of service, place of service, amount of claim, and secondary payer information.
SVH said anyone with questions about the breach should call 1-877-374-2465. The line is available Monday through Friday from 6 a.m. – 3:30 p.m.
The local ransomware attack was one of several nationwide.