In April and June, one of the largest hospital networks in the US was hacked. Community Health Systems says that cyber attacks originating in China stole the personal details of 4.5 million patients including names, addresses, telephone numbers, birth dates and Social Security numbers. In a regulatory filing, the company explained that an investigation into the breach showed “methods and techniques” used were similar to those employed by a group that’s been active in the country.
Community Health Systems Inc (CYH.N), one of the biggest U.S. hospital groups, said on Monday it was the victim of a cyber attack from China, resulting in the theft of Social Security numbers and other personal data belonging to 4.5 million patients. That would make the attack the largest of its type involving patient information since a U.S. Department of Health and Human Services website started tracking such breaches in 2009. The previous record, an attack on a Montana Department of Public Health server, was disclosed in June and affected about 1 million people. The attackers appear to be from a sophisticated hacking group in China that has breached other major U.S. companies across several industries, said Charles Carmakal, managing director with FireEye Inc’s (FEYE.O) Mandiant forensics unit, which led the investigation of the attack on Community Health in April and June. “They have fairly advanced techniques for breaking into organizations as well as maintaining access for fairly long periods of times without getting detected,” he said.