67,000 hospital patients notified about data breach

Sonoma Valley Hospital is notifying about 67,000 patients who may have been affected by an Oct. 11 cyber-attack that forced the shut down of the hospital’s computer system for several days, an official said.

The ransomware cyberattack, believed to be from a Russian “threat actor,” hit hospitals across the nation. Sonoma Valley Hospital did not pay a ransom, and did not reveal what the attackers demanded.

The hospital immediately took all its electronic systems offline, which disrupted the cyberattack as well as normal business operations including delaying some patients from getting test results or making appointments.

The hospital launched an investigation that found those who may have been compromised were some 67,000 patients whose insurers were billed for services since 2009.

The hospital is sending out the letter to patients that provides details on the breach, recommendations on medical identity theft protection, and explains resources available to them to protect personal information.

Information such as patient name, address, birthdate, insurer group number and subscriber number, as well as diagnosis or procedure codes, date of service, place of service, amount of claim, and secondary payer information is among what the hospital believes was accessed.

The forensic analyst reports do not indicate that credit card numbers or social security numbers were accessed, and neither was information the hospital kept on patients in its electronic health record system.

“We deeply regret the incident and the concern it has caused to our patients,” said Kelly Mather, CEO. “The confidentiality of patient personal information is extremely important to us and we have involved experts to activate a series of enhanced security measures to improve information security and prevent further ransomware or cybersecurity attacks,” she said.

Anyone with questions about the breach is encouraged to call 877-374-2465, Monday through Friday from 6 a.m. to 3:30 p.m.

Contact Anne at

UPDATED: Please read and follow our commenting policy:

  • This is a family newspaper, please use a kind and respectful tone.
  • No profanity, hate speech or personal attacks. No off-topic remarks.
  • No disinformation about current events.
  • We will remove any comments — or commenters — that do not follow this commenting policy.
Send a letter to the editor

Our Network

The Press Democrat
Sonoma Index-Tribune
Petaluma Argus Courier
North Bay Business Journal
Sonoma Magazine
Bite Club Eats
La Prensa Sonoma
Sonoma County Gazette