Community Health Systems announced Monday that hackers, presumed to be from China, have stolen the personal data of 4.5 million patients.
The data stolen included:
- Birth dates
- Telephone numbers
- Social security numbers.
The affected individuals were referred to, or received services from, physicians affiliated with the company in the last five years.
The hacking group used ‘highly sophisticated malware and technology to attack the company’s systems,’ according to a filing with the US Securities and Exchange Commission.
The company has now removed the malware and protected its systems from future attacks of the same variety, a preventive measure that some would say has been taken far too late.
No credit card information or medical data was compromised, but the information that was compromised was considered protected under the Health Insurance Portability and Accountability Act (HIPPA).
The company is notifying affected patients across its 206 hospitals in 29 states.