Published On: Tue, Aug 19th, 2014

Hackers steal over 4.5 million patient records from Community Health Systems

About 4.5 million patients at any of the 206 Community Health Systems-operated hospitals around the United States have had their records stolen by hackers, the company announced Monday. The stolen data includes very sensitive information.

Photo: MoD/MOD

Photo: MoD/MOD

Anyone who received treatment in a CHS-operated hospital over the last five years is affected by the breach. Additionally, patients who were merely referred to one of the company’s hospitals during that time period are also impacted.

The hackers stole names, Social Security numbers, physical address, birthdays and telephone numbers in two attacks this spring. It does not include credit card, medical or clinical information, the Wall Street Journal reported. (emphasis added, The Dispatch)

The attackers appear to be from a sophisticated “Advanced Persistent Threat” hacking group in China that has breached other major US companies across several industries, said Charles Carmakal, managing director with FireEye Inc’s Mandiant forensics unit, which led the investigation of the attacks on Community Health in April and June.

“They have fairly advanced techniques for breaking into organizations as well as maintaining access for fairly long periods of times without getting detected,” he told Reuters.

The hackers utilize sophisticated malware to conduct corporate espionage, and has typically sought valuable intellectual property, such as medical device and equipment development data, according to federal authorities and Mandiant, the company said.

CHS is notifying patients affected by the attack and offering them identity theft protection services.

The company owns, leases or operates 206 hospitals in 29 states, mostly in rural locations, according to the Wall Street Journal. It would be the largest theft of personal patient information since a US Department of Health and Human Services website began tracking medical breaches in 2009, Reuters reported.

The states impacted include the southeast and soutwest portions of America, including California, Texas, Florida, Georgia, Arizona and North Carolina.

The company is working closely with government law enforcement authorities during the course of their investigation. The Federal Bureau of Investigation said it’s working closely with the hospital network and “committing significant resources and efforts to target, disrupt, dismantle and arrest the perpetrators,” according to CNNMoney.

CHS also hired cybersecurity firm Mandiant to investigate, and has since eradicated the malware from its systems. It has also implemented remediation efforts to prevent similar attacks in the future.

On the DISPATCH: Headlines  Local  Opinion

Subscribe to Weekly Newsletter

* indicates required

About the Author

- Writer and Co-Founder of The Global Dispatch, Brandon has been covering news, offering commentary for years, beginning professionally in 2003 on Crazed Fanboy before expanding into other blogs and sites. Appearing on several radio shows, Brandon has hosted Dispatch Radio, written his first novel (The Rise of the Templar) and completed the three years Global University program in Ministerial Studies to be a pastor. To Contact Brandon email [email protected] ATTN: BRANDON

Leave a comment

XHTML: You can use these html tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>



The Global Dispatch Facebook page- click here

Movie News Facebook page - click here

Television News Facebook page - click here

Weird News Facebook page - click here