Sutter SeniorCare PACE Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating Sutter SeniorCare PACE regarding its recent data breach. The Sutter SeniorCare PACE data breach involved sensitive personal identifiable information and protected health information belonging to an undetermined number of individuals.

ABOUT SUTTER SENIORCARE PACE:

Sutter SeniorCare PACE is a non-profit, healthcare services organization that works with elder adults to deliver comprehensive and quality support and care. Accordingly, Sutter SeniorCare PACE offers a variety of medical services, adult day healthcare services, and in-home healthcare and support services. Sutter SeniorCare PACE is a part of a larger healthcare system, Sutter Health, which was founded as early as the 1800s as a variety of independent community hospitals. Headquartered in Sacramento, California, Sutter SeniorCare PACE is an exclusive program for older adults in Sacramento County.

WHAT HAPPENED?

On May 31, 2023, Sutter SeniorCare PACE discovered that Cognisight, LLC, a third-party vendor which provides health care management services to Sutter SeniorCare PACE, had experienced a data breach in which the sensitive personal identifiable information and protected health information in Sutter SeniorCare PACE systems may have been accessed. Through its investigation, Cognisight determined that an unauthorized actor may have access and obtained sensitive data belonging to Sutter SeniorCare PACE through a vulnerability in the MOVEit file transfer platform between May 29 and May 30, 2023. Recently, Sutter SeniorCare PACE began contacting individuals whose information may have been impacted. The type of information exposed includes:

• Name
• Social Security number
• Date of birth
• Medical information (e.g., treatment information or diagnosis, provider information, patient identification number)