News

Hackers steal data of millions of hospital patients nationwide

Hackers steal data of millions of hospital patients nationwide

COMMUNITY HEALTH: The stolen information included patient names, addresses, birth dates, telephone numbers and Social Security numbers of people who were referred for or received services from doctors affiliated with the hospital group in the last five years, it said in a regulatory filing on Monday. Photo: clipart.com

(Reuters) – Community Health Systems Inc, one of the biggest U.S. hospital groups, said it was the victim of a cyber attack that originated in China, resulting in the theft of personal data belonging to 4.5 million patients in April and June.

The stolen information included patient names, addresses, birth dates, telephone numbers and Social Security numbers of people who were referred for or received services from doctors affiliated with the hospital group in the last five years, it said in a regulatory filing on Monday.

Community Health Systems spokeswoman Tomi Galin said the company believes the attack originated from China because federal law enforcement and forensics experts with FireEye Inc unit Mandiant had told it that “the methods and techniques” employed by the hackers were consistent with a particular group of hackers operating in China.

Galin did not identify the group by name or say if it was believed to be linked to the Chinese government.

In May, a U.S. grand jury indicted five Chinese military officers on charges that they hacked into U.S. companies for sensitive manufacturing secrets, the toughest action taken by Washington to address cyber spying to date. China has denied the charges.

Community Health Systems said in the regulatory filing investigators have told it that the Chinese group believed to be behind the attack typically seeks valuable intellectual property, such as medical device and equipment development data, rather than the personal information stolen from the hospital group.

Galin told Reuters that the suspects had not stolen that type of information.

Officials with Mandiant could not immediately be reached for comment. FBI spokesman Joshua Campbell confirmed that the agency was investigating the case, but declined to elaborate.

The company’s filing said that the stolen data did not include credit card numbers, medical or clinical information, though the types of personal information stolen were still covered by the U.S. government’s Health Insurance Portability and Accountability Act, or HIPAA.

The FBI had warned healthcare providers in April that their cybersecurity systems were lax compared with other sectors, making them vulnerable to hackers looking for details that could be used to access bank accounts or obtain prescriptions.

Community Health, which has 206 hospitals in 29 states, said it has removed the malware from its systems and completed other remediation steps. It is now notifying patients and regulatory agencies as required by law.

It also said it is insured against such losses and does not at this time expect a material adverse effect on financial results.

Community Health’s stock was up 48 cents at $51.48 in late-morning trading on the New York Stock Exchange.

(Reporting by Caroline Humer, Jim Finkle and Shailesh Kuber; Editing by Joyjeet Das, Lisa Von Ahn, Chizu Nomiyama and Dan Grebler)

Recent Headlines

in Local

State Lawmaker: IDOT Not the Only Agency Whose Hiring Process May be Suspect

idot

Federal monitor to check agency on hiring practices

in Local

Rauner Denies Involvement in Springfield Reporter’s Resignation

Illinois Republican gubernatorial candidate businessman Bruce Rauner participates in a Republican gubernatorial candidate debate Tuesday, Feb. 18, 2014, in Springfield, Ill. The four Republican gubernatorial candidates said that they’ll be willing to work with unions if elected but differed on how to approach the relationship during a downstate debate that largely focused on pension reform, taxes and just briefly on personal issues that have dogged some of the candidates.

Bruce Rauner says his fingerprints are not on the Chicago Sun-Times.

in Local

Raymond Cub Scouts Still Improving

medical

Police say the condition of three Cub Scouts is improving after they were injured in a chemical explosion.

in Local

Springfield Unemployment Numbers Show Decline

jobs

Unemployment dropped in all of Illinois' metro areas in September

in Election 2014, Local

Durbin: Sun-Times Reporter’s Departure “Worrisome”

Republican state Sen., Jim Oberweis, right, offers to give Democratic U.S. Sen. Dick Durbin, more paper after Durbin joked about only getting one page of paper for notes before their first of two televised debates prior to the Nov. 4 election Wednesday, Oct. 22, 2014, in Chicago. Oberweis, a dairy entrepreneur from Sugar Grove, has acknowledged it will take a big GOP year to unseat Durbin, the second-ranking Democrat in the U.S. Senate who's represented Illinois on Capitol Hill for more than three decades.

Bruce Rauner’s campaign is being accused of bullying the Chicago Sun-Times, and U.S. Sen. Dick Durbin (D-Ill.) says that should be a troubling sign to voters.