NEWSROOM

Regional health care provider Sutter Health has confirmed that one of its vendors was affected by a MOVEit ransomware attack, which led to an unauthorized user gaining access and potentially accessing Sutter Health patient information.
 
The vendor, Welltok, Inc., a Virgin Pulse company, operates an online contact-management platform used by Sutter Health to deliver notices and communications to Sutter patients and members.
 
According to information published by Sutter Health, the vendor investigation of the breach found it potentially affects the personal information of approximately 845,441 Sutter Health patients. Importantly, Virgin Pulse confirmed Social Security Numbers and financial information were not impacted by this incident.
 
Virgin Pulse says the investigation determined an unknown actor exploited vulnerabilities, accessed the MOVEit Transfer server in May 2023, and exfiltrated certain data from the MOVEit Transfer server during that time.
 
During the same period, the California Public Employees’ Retirement System (CalPERS) and the California State Teachers’ Retirement System (CalSTRS) reported its member information was also breached from a third-party vendor’s use of the MOVEit file transfer program. Those breaches affected the information of more than one million retirees and beneficiaries serviced by CalPERS and CalSTRS. Globally, potentially tens of millions of individuals could be impact by multiple MOVEit breaches.
 
On October 24, 2023, Virgin Pulse provided Sutter Health with a final report on its investigation. Sutter Health posted information online on November 3.
 
Virgin Pulse has notified all impacted Sutter Health patients of this incident via mailed letters that include available services, resources, and recommendations for patients to monitor any potential inappropriate use of their personal information. If you have clients enrolled in Sutter Health, you may want to advise them of this breach.