Community Health Systems Inc revealed on Monday that personal had been stolen by hackers from its computer network. According to the U.S. Hospital operator, 4.5 million accounts were stolen that included patient names and addresses sometime in April and June.
The 4.5 million people who were either referred to or received services from doctors affiliated with the service in the last five years were the ones affected by the attack. The attackers, according to Community Health, used malware and other technology to acquire the data from its system.
The company, one of the largest hospital operators in the U.S. with 206 hospitals in 29 states, went on to say that the data stolen also included birth dates, telephone numbers, and security numbers. However, patient credit card and medical information were not included.
Prior to the event, the FBI had warned healthcare providers back in April that the sector’s cybersecurity systems were not up to par when compared to other sectors. Because of this, healthcare providers were making themselves vulnerable to hackers.
Community Health and FireEye Inc unit Mandiant, its security contractor, stated that their belief that the attackers were from China. No additional information was provided as to why the companies believe this to be the case.
The company, prior to filing the regulatory document, has stated that it has removed the malware from its network and has completed the remediation efforts. It is currently notifying patients and regulatory agencies affected by this attack.