SeniorCare PAC reports data breach caused by Cognisight MOVEit incident
Learn More
Cognisight, LLC reported a data breach on behalf of SeniorCare PACE, also known as Sutter Senior Care. The breach occurred due to a vulnerability in Cognisight's file transfer tool called MOVEit, which resulted in unauthorized access to sensitive information belonging to Sutter Senior Care patients.
The compromised data includes :
- patients' names,
- dates of birth,
- Social Security numbers,
- health information (such as treatment details and diagnosis),
- provider information,
- patient identification numbers.
The number of affected individuals is not disclosed.
Upon discovering the breach, Cognisight initiated an investigation and subsequently sent data breach notification letters to all individuals affected by the incident.
The breach was first discovered on May 31, 2023, and an investigation was immediately launched. On June 5, 2023, Cognisight confirmed that files, including those containing sensitive patient information, had been accessed and removed from the MOVEit server. Cognisight then notified Sutter Senior Care about the incident on June 27, 2023.
After identifying the compromised data, Cognisight sent out data breach letters on July 22, 2023, to inform affected individuals. The breach notification letters bear both Cognisight's and Sutter Senior Care's logos.
