Patients at Sutter North Surgery Center exposed in 'data security incident'

Sep. 8—Sutter Health officials announced late Friday an investigation determined that about 861 Sutter North Surgery Center patients were impacted by a "data security incident" that occurred sometime last year.

Sightpath Medical LLC, a vendor of Sutter Health which provides cataract and Lasik equipment, reported that on Feb. 9, 2022, it became aware of unusual activity that could have threatened the security of its digital records.

"Sightpath immediately took steps to secure its digital environment and engaged a dedicated team of external cybersecurity experts to assist in responding to and investigating the incident," Sutter Health said in a statement. "As a result of this investigation, Sightpath learned that an unauthorized actor(s) accessed certain files and data stored within its systems. Sightpath then launched a comprehensive review of all potentially affected information to identify the individuals and information involved."

Around June 14 of this year, Sightpath determined the data sets potentially accessed included personal information, and notification was provided to Sutter Health and other affected parties on Aug. 14.

"Sightpath has notified impacted patients of this incident via mailed letters that offers available services, resources, and recommendations for patients to monitor any potential inappropriate use of their personal information — including 12 months of complimentary services through Experian, which includes credit monitoring, dark web monitoring, a $1 million identity fraud loss reimbursement policy, and fully-managed identity fraud loss reimbursement policy," officials said.

Impacted patients interested in enrolling in Experian IdentityWorks should contact Experian's customer care team at 833-420-2825 from 6 a.m. to 6 p.m. Monday through Friday by Nov. 30 to activate these complimentary Experian services.