By HFT Staff

Sutter Health has received notification that one of its vendors was affected by the MOVEit ransomware attack, leading to an unauthorized user gaining access and potentially extracting Sutter Health patient information. 

Welltok Inc., a Virgin Pulse company operates an online contact-management platform that enables Sutter Health to provide patients and members with important notices and communications. Based on the findings of Virgin Pulse’s investigation, it is estimated the personal information of approximately 845,441 Sutter Health patients may be impacted.  Importantly, Virgin Pulse can confirm social security numbers and financial information were not impacted by this incident. 

On Sept. 22, 2023, Virgin Pulse notified Sutter Health it had been impacted by the ransomware attack targeting the file transfer tool called MOVEit. Virgin Pulse confirmed it moved quickly to apply available patching, undertook recommended mitigation steps and launched an internal investigation, with the assistance of third-party cybersecurity specialists, to determine the potential impact of the vulnerabilities’ presence on the MOVEit Transfer server and the security of data housed on its server. Virgin Pulse states the investigation determined an unknown actor exploited vulnerabilities, accessed the MOVEit Transfer server between May 30, 2023, to May 31, 2023, and exfiltrated certain data from the MOVEit Transfer server during that time. On Oct. 24, 2023, Virgin Pulse provided Sutter Health with a final report on its investigation. 

Virgin Pulse has notified all impacted patients of this incident via mailed letters that include available services, resources and recommendations for patients to monitor any potential inappropriate use of their personal information.