Schubert Jonckheer & Kolbe LLP is actively probing a data breach affecting 845,000 individuals whose sensitive personal and health information was compromised within California-based healthcare provider Sutter Health’s systems.
The breach allegedly traces back to Sutter Health sharing sensitive patient data with Welltok, Inc., a third-party contact-management company. Utilizing a third-party file transfer program called MOVEit, reportedly with security vulnerabilities dating back to 2021, hackers gained unauthorized access to Welltok’s systems on May 30, 2023, pilfering private personal and health information belonging to Sutter Health’s customers.
Patients were notified recently about the potential exposure of their personal data, including names, dates of birth, health insurance details, provider names, treatment costs, and medical diagnoses. However, the delay in informing affected individuals, beginning around October 31, 2023, after an incident that occurred over five months prior, raises concerns about potential violations of state and federal laws.
The firm highlighted that individuals impacted by this breach might face identity theft risks and serious privacy violations. They could potentially seek damages of $1,000 per violation and push for security practice improvements at Sutter Health through legal recourse.
For individuals who received breach notifications or are patients associated with Sutter Health seeking additional information on their legal rights, Schubert Jonckheer & Kolbe LLP encourages contacting them or visiting their website for further guidance.