Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Sutter Health

Sutter Health Vendor Cyber Rating & Cyber Score

sutterhealth.org

Sutter Health is a not-for-profit, people-centered healthcare system providing comprehensive care throughout California. Sutter Health is committed to innovative, high-quality patient care and community partnerships, and innovative, high-quality patient care. Today, Sutter Health is pursuing a bold new plan to reach more people and make excellent healthcare more connected and accessible. The health system’s 57,000+ staff and clinicians and 12,000+ affiliated physicians currently serve more than 3 million patients with a focus on expanding opportunities to serve patients, people and communities better. Sutter Health provides exceptional, affordable care through its hospitals, medical groups, ambulatory surgery centers, urgent care clinics,


Sutter Health A.I CyberSecurity Scoring

Sutter Health
Company Information
Website:http://www.sutterhealth.org
Employees number:25,099
Number of followers:214,387
NAICS:62
Industry Type:Hospitals and Health Care
Homepage:sutterhealth.org
Sutter Health Risk Score (AI oriented)
Between 600 and 649
logo
Sutter HealthHospitals and Health Care
Updated:
23/06/2026
614/1000
Poor
Caa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Sutter Health Global Score (TPRM)
xxxx
logo
Sutter HealthHospitals and Health Care
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Sutter Health
Sutter HealthPoor
Current Score
614Caa (POOR)
01000
6 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
616Before Incident
JUNE 2026
613Before Incident
MAY 2026
608Before Incident
APRIL 2026
608Before Incident
MARCH 2026
605Before Incident
FEBRUARY 2026
601Before Incident
JANUARY 2026
598Before Incident
DECEMBER 2025
592Before Incident
NOVEMBER 2025
590Before Incident
OCTOBER 2025
586Before Incident
SEPTEMBER 2025
582Before Incident
AUGUST 2025
579Before Incident
JUNE 2025
616Before Incident
Breach
10 Jun 2025Sutter Health
Sutter Health, Lemonaid Health, & Redeemer Health Settle Pixel Data Breach Lawsuits

Sutter Health, Lemonaid Health, & Redeemer Health Settle Pixel Data Breach Lawsuits

568After Incident
CRITICAL-48
SUT1765814693
Sutter Health, Lemonaid Health, and Redeemer Health Settle Pixel Data Breach Lawsuits Three healthcare providers—Sutter Health, Lemonaid Health, and Redeemer Health—have reached settlements in class action lawsuits alleging unauthorized disclosures of patient data via website tracking technologies, including pixels, cookies, and web beacons. These tools, commonly used for analytics and marketing, were accused of transmitting protected health information (PHI) to third parties like Meta and Google without proper consent or compliance with HIPAA regulations. Sutter Health The California-based nonprofit health system faced consolidated lawsuits (Jane Doe I and Jane Doe II v. Sutter Health) over claims that its website and patient portal shared PHI with third parties. The case proceeded on allegations of violating the California Invasion of Privacy Act (CIPA) and breaching express and implied contracts. A $21.5 million settlement was approved, with no admission of wrongdoing. Class members—California residents who accessed Sutter’s MyHealthOnline portal between June 10, 2020, and March 20, 2020—may receive up to $90 each. Remaining funds will go to privacy-focused nonprofits. The final fairness hearing is set for February 27, 2026, with a claim deadline of January 28, 2026. Lemonaid Health The telemedicine provider, owned by 23andMe, settled a lawsuit (A.J. v. Lemonaid Health) alleging its website shared PHI with Meta and Google via tracking pixels. The case was transferred to bankruptcy court after the defendants filed for Chapter 11. A $3.25 million settlement fund was established, with approximately 35,000 class members eligible for one-time payments. The final fairness hearing is scheduled for January 20, 2026, with objections due by January 5, 2026, and claims by February 23, 2026. Redeemer Health The Pennsylvania-based Catholic healthcare provider settled consolidated lawsuits (Doe v. Redeemer Health) over allegations that its websites and patient portals transmitted PHI to third parties without consent. The settlement offers class members a $25 cash payment and a year of dark web monitoring via CyEx Privacy Shield Pro. The final approval hearing is set for February 9, 2026, with claims due by January 9, 2026. All three cases highlight the risks of tracking technologies in healthcare, where PHI exposure can lead to legal and regulatory scrutiny. The settlements reflect ongoing concerns over compliance with HIPAA and state privacy laws.
INCIDENT DETAILS -
TYPE
Data Breach
MOTIVATION
Data Collection for Marketing/Third-Party Use
IMPACT
Sutter Health: $21,500,000 settlementLemonaid Health: $3,250,000 settlementData Compromised: Personally identifiable health information (PHI), protected health information (HIPAA-protected data)WebsitesPatient PortalsBrand Reputation Impact: Likely negative impact due to lawsuits and settlementsLegal Liabilities: Class action lawsuits, regulatory scrutinyIdentity Theft Risk: High (exposure of PHI and PII)
DATA BREACH
Personally identifiable health information (PHI)Protected health information (HIPAA-protected data)Sensitivity Of Data: High (health-related, personally identifiable)Data Exfiltration: Transmitted to third parties (Meta, Google, etc.)Personally Identifiable Information: Yes (health information, user activity data)
SEPTEMBER 2024
670Before Incident
Breach
31 Aug 2024Sutter Health
Sutter Health and SSM Health: Two Scattered Spider hackers plead guilty over Transport for London cyberattack

Scattered Spider Hackers Plead Guilty in £29M TfL Cyberattack

583After Incident
CRITICAL-87
SUTCAM1782210474
Scattered Spider Hackers Plead Guilty in £29M TfL Cyberattack Two members of the cybercriminal group Scattered Spider Thalha Jubair (20, London) and Owen Flowers (18, Walsall) have pleaded guilty to charges under the UK’s Computer Misuse Act for their roles in a 2024 cyberattack on Transport for London (TfL). The breach, which occurred between 31 August and 3 September 2024, resulted in £29 million in losses and recovery costs, disrupted critical services, and forced TfL to reset passwords for all 28,000 employees in person. The attack targeted TfL’s Oyster refunds system, delaying customer reimbursements and shutting down the application portal for Oyster photocards used by children and young people. The National Crime Agency (NCA) confirmed that the hackers accessed sensitive data, causing prolonged inconvenience for millions of daily commuters. Investigators linked Flowers to additional intrusions, including breaches of U.S. healthcare providers SSM Health and Sutter Health. Seized devices including laptops, hard drives, and USB storage contained screenshots of TfL infrastructure access and videos of Jubair navigating TfL systems, with the pair communicating via Telegram and an online collaboration platform. Flowers was first arrested on 6 September 2024 and later breached bail conditions twice in 2025. Both suspects were apprehended at their homes on 16 September 2025 by the NCA and City of London Police. Deputy Director Paul Foster of the NCA’s National Cyber Crime Unit emphasized the real-world impact of the attack, stating it inflicted financial harm on critical national infrastructure and disrupted public services. Deputy Commissioner Nik Adams of the City of London Police warned that such attacks would face serious consequences. Sentencing for Jubair and Flowers is scheduled for 16 July.
INCIDENT DETAILS -
TYPE
Cyberattack
MOTIVATION
Financial gain
IMPACT
Financial Loss: £29 millionData Compromised: Sensitive dataOyster refunds systemOyster photocards application portalOperational Impact: Disrupted critical services, delayed customer reimbursements, forced password resets for 28,000 employees
DATA BREACH
Type Of Data Compromised: Sensitive data
NOVEMBER 2023
714Before Incident
Breach
01 Nov 2023Sutter Health
Sutter Health

Welltok Data Breach

643After Incident
CRITICAL-71
SUT44271123
The U.S. healthcare services business Welltok revealed a data breach that affected around 8.5 million patients. The business was one among the targets of a widespread hacking campaign that took advantage of a zero-day vulnerability in the MOVEit Transfer programme. The exposed information includes patient information, including phone numbers, physical addresses, email addresses, and full names. Threat actors also obtained specific health insurance details, Medicare/Medicaid ID numbers, and Social Security numbers (SSNs) for some of the affected individuals. The following organisations, on behalf of which Welltok is delivering notice to affected individuals, are Asuris Northwest Health, BridgeSpan Health, Blue Cross and Blue Shield of Minnesota, Blue Cross and Blue Shield of Alabama, Blue Cross and Blue Shield of Kansas, Blue Cross and Blue Shield of North Carolina, Corewell Health, Faith Regional Health Services, Mass General, Brigham Health Plan, Priority Health, Regence BlueCross BlueShield of Oregon, Regence BlueShield, Regence BlueCross BlueShield of Utah, Regence Blue Shield of Idaho, St. Bernards Healthcare, and Sutter Health.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Phone numbersPhysical addressesEmail addressesFull namesHealth insurance detailsMedicare/Medicaid ID numbersSocial Security numbers (SSNs)
DATA BREACH
Personal InformationHealth Insurance DetailsMedicare/Medicaid ID NumbersSocial Security NumbersNumber Of Records Exposed: 8.5 millionSensitivity Of Data: High
MAY 2023
756Before Incident
Breach
30 May 2023Sutter Health
Sutter Health

Sutter Health MOVEit Transfer Data Breach

706After Incident
CRITICAL-50
SUT004091825
The California Office of the Attorney General disclosed a data breach affecting Sutter Health, a major healthcare provider, on November 3, 2023. The incident originated on May 30, 2023, when an unidentified threat actor exploited a vulnerability in the MOVEit Transfer server, a third-party file transfer tool used by the organization. The attacker successfully exfiltrated sensitive personal data, including patient names and other personally identifiable information (PII). While the breach exposed confidential records, no evidence of misuse or further malicious activity (e.g., financial fraud, identity theft, or ransom demands) has been reported as of the disclosure.The breach highlights vulnerabilities in third-party software supply chains, which cybercriminals increasingly target to access high-value data. Sutter Health, which operates a network of hospitals and medical facilities, likely faced operational and reputational risks due to the exposure of patient data, though the immediate financial or systemic impact appears contained. The incident aligns with broader trends in healthcare cyberattacks, where protected health information (PHI) remains a prime target for exploitation in underground markets or follow-on attacks. Regulatory scrutiny and potential compliance penalties (e.g., under HIPAA) may follow, given the sensitive nature of the compromised data.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
NamesOther personal informationMOVEit Transfer serverIdentity Theft Risk: Potential (no evidence of misuse reported)
DATA BREACH
Personal dataNamesSensitivity Of Data: Moderate (personal information)
JUNE 2018
742Before Incident
Breach
01 Jun 2018Sutter Health
Sutter Health

Sutter Health Employee Data Breach

693After Incident
CRITICAL-49
SUT03315722
A Sutter Health employees were fired for accessing medical information without permission. However, they declined to state how many employees were fired and whose medical records they allegedly looked up. Their privacy auditing and monitoring technology have detected inappropriate access, and the individuals involved are no longer employed by Sutter Health. They are notifying the person, or persons, whose data was accessed.
INCIDENT DETAILS -
TYPE
Data Breach
MOTIVATION
Unknown
IMPACT
Data Compromised: Medical Information
DATA BREACH
Type Of Data Compromised: Medical InformationSensitivity Of Data: High
OCTOBER 2017
791Before Incident
Breach
11 Oct 2017Sutter Health
Sutter Health

Sutter Health Data Breach

735After Incident
HIGH-56
SUT151080425
On February 7, 2018, the California Office of the Attorney General reported a data breach involving Sutter Health that occurred on October 11-12, 2017. The breach was the result of a phishing attack on a vendor, Salem and Green, allowing unauthorized access to personal information, including names, Social Security numbers, and California driver’s license numbers, for individuals affiliated with Sutter Health.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
namesSocial Security numbersCalifornia driver’s license numbers
DATA BREACH
Personal InformationSensitivity Of Data: HighnamesSocial Security numbersCalifornia driver’s license numbers

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Sutter Health ?
?
What was Sutter Health's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Sutter Health's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Sutter Health's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Sutter Health's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Sutter Health's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Sutter Health's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Sutter Health's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Sutter Health's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Sutter Health's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Sutter Health's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Sutter Health's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Sutter Health's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Sutter Health ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Sutter Health's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?