Notice to Hospital Patients About Ransomware Attack
Leer en españolUpdated 12-10-2020
Copy of Patient Notification LINK
Sonoma Valley Hospital is committed to the privacy and security of patient information. As we reported recently, Sonoma Valley Hospital experienced a ransomware cyberattack on October 11, 2020 by what we believe is a Russian “threat actor.” This event was part of a broader attack on dozens of hospitals across the country. We immediately responded by shutting down all systems to contain the damage, which was largely successful in protecting hospital data. We have not paid anything to the threat actor and are cooperating with law enforcement.
In a ransomware attack, cybercriminals attempt to disrupt the business by locking companies out of their own data and servers. After discovering the attack, our cyber security team – in partnership with outside information technology and forensics experts – successfully prevented the cybercriminal from blocking our system access and ultimately expelled them from our system. Prior to our locking out the cybercriminal, the cybercriminal may have removed a copy of a subset of data.
Based on the reports of the forensics analysts, the hospital does not believe patient financial information (such as credit card or social security numbers) was accessed, nor was patient information in the hospital’s electronic health record system. SVH is not aware of any misuse or attempted misuse of patient health information, and hospital forensics experts have searched for any potential redisclosures.
The affected patient records include health claims data sent to insurers electronically, including patient name, address, birthdate, insurer group number and subscriber number, as well as diagnosis or procedure codes, date of service, place of service, amount of claim, and secondary payer information.
If you have concerns or questions, you may call our Patient Experience Team at 707.935.5154, Monday through Friday, 9:00 am to 3:30 p.m.
While we continue to restore full Hospital operations, we have maintained the ability to care for patients using our business continuity plan, and most of our services remain available.
- Emergency Care remains available 24/7.
- Necessary surgeries and elective procedures have not been disrupted by the incident and continue.
- The majority of diagnostic tests are being continued without interruption.
- The patient portal “Follow My Health” is available.
If you have questions regarding your particular health needs, please contact your physician or provider.