Over 4 million patients’ info stolen in Community Health hack

The Social Security numbers and data from about 4.5 million patients were stolen from Community Health Systems Inc, the company reported today on August 18. The company was a victim of a hacker from China.

This is the largest breach of patient data since June, when a Montana Department of Public Health server was hacked, and data was stolen from about 1 million patients.

Charles Carmakal, managing director of Mandiant, the forensics unit at FireEye, Inc. that is investigating these hacking attacks, said that both attacks seem to be from a group of skilled hackers in China. The group has successfully led attacks on other US companies.

"They have fairly advanced techniques for breaking into organizations as well as maintaining access for fairly long periods of times without getting detected," Carmakal said.

Carmakal and other representatives of Community Health Systems would not say whether the group was working for the Chinese government. U.S. officials have long suspected that the Chinese government has been hacking computer systems in the U.S. and worldwide.

A spokesperson for the FBI said the agency was looking into this hacking, but he would not give any more information about the case. The Department of Homeland Security told other healthcare companies more details about the attack, although they said the attack was confined to Community Health Systems as far as they knew right now.

Reuters talked to an anonymous agency official, who said, "While attribution of this incident is still being determined by a range of partners, we caution against leaping to premature conclusions about who or how many actors are behind these activities."

The stolen data included names, birthdays, and Social Security numbers of patients who had visited doctors at Community Health Systems, Inc in the last five years. Medical information was not stolen.

Healthcare companies may need to step up their cyber protection, the FBI told people who work in the healthcare sector in April. Protection in healthcare companies may be weaker than other types of companies, making them a weak point for hackers to breach to find private information or get prescriptions.

There has been an increase in hackings of healthcare companies in the past six months, Carmakal says, but this was the first case it saw where a Chinese hacking group stole personal data.

"It's hard to tell why these guys took the data or what they plan to do with it," Carmakal said.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics