By HFT Staff

On or around March 13, 2025, Vibra Hospital of Sacramento, LLC discovered suspicious activity related to several employee email accounts. Upon discovery, they took immediate action to secure the accounts and engaged a team of third-party specialists to investigate the incident. A thorough investigation determined that six employee email accounts were subject to unauthorized access between March 12, 2025, and March 22, 2025. Upon confirmation of unauthorized access to these email accounts, they commenced an investigation to determine whether the affected accounts contained sensitive information pertaining to individuals. On August 4, 2025, following a thorough review, they confirmed that a limited amount of personal information may have been accessed by an unauthorized third-party in connection with this incident. 

The types of information contained within the affected accounts may have included patient names, addresses, date of birth, Social Security number, date of medical service, medical diagnosis information, individual health insurance policy number, physician or medical facility information, medical condition or treatment information, Medicare or Medicaid number, patient account, financial account number. Importantly, the potentially impacted information may vary for each individual and may include all or just one of the above-listed types of information. 

At this time, Vibra Hospital is not aware of any evidence to suggest that any information has been misused. However, they were unable to rule out the possibility that the information could have been accessed. Therefore, out of an abundance of caution, they are notifying potentially impacted individuals of this incident. 

In response to this incident, they have partnered with forensic specialists to evaluate and reinforce existing security measures within their email environment and are reviewing their policies and procedures related to data security.