The MOVEit software data breach affected hundreds of American companies. Sutter Health, with its affiliate WellTok, used MOVEit software for patient's medical information. Hundreds of thousands of Sutter Health patients' records were exposed when hackers exposed a vulnerability in the software in May 2023. The breach affected mostly residents California.

​

Sutter Health didn't tell its patients for months. Its first public acknowledgement of the breach was in November 2023--six months after hack. During that time, patients' personal medical information was circulating on the dark web and they had no idea. 

​

California protects its citizens with privacy laws specifically designed to protect highly sensitive data, like medical information. When medical providers are hacked, they are liable for any expenses their patients incur related to the loss of their data, statutory damages of up to $750 per patient, and other penalties. 

​

EKO has filed a complaint in the Eastern District of California federal court alleging violations of California privacy and consumer protection laws and the case is now a part of the MOVEit multi-district litigation. The case is IN RE: MOVEIT CUSTOMER DATA SECURITY BREACH LITIGATION, MDL No. 1:23-md-03083, and is venued in the U.S. District Court in the District of Massachusetts.

​

If you were a victim of unauthorized access of your personal medical information or social security number, or have information about this case, please contact an EKO attorney.

​