Data breach exposes nearly 900 San Francisco hospital patients' information