Community Health Systems announced on Monday that hackers recently broke into its computers and stole data on 4.5 million patients. The company operates over 206 hospitals in 28 states including Alabama, Florida, Mississippi, Oklahoma, Pennsylvania, Tennessee and Texas.
Apparently the hack originated from China and used a high end malware to breach the companies network sometime in April or June of this year the hired cyber-security experts at Mandiant told Community Health Systems.
The same hackers have been conducting corporate espionage, targeting valuable information about medical devices, the Federal investigators told the hospital systems.
The hackers stole personal information and were not able to steal medical histories, clinical operations or credit cards of patients. The stolen personal information is also protected by the Health Insurance Portability and Accountability Act (HIPAA) and the state attorneys generals can sue for damages.
The hospital network announced that it has successfully wiped the malware and protected it’s network from further breaches. It is also planning to offer identity theft protection to the 4.5 million victims.