Hackers Hit Healthcare Hard

Hackers Hit Healthcare Hard

 

An outside group of hackers targeted Community Health Systems' computer network and stole 4.5 million individuals' nonmedical patient data, the company disclosed Monday in a regulatory filing.

The Franklin, Tenn.-based chain, which says it has 206 hospitals in 29 states (including California), said a group originating in China used highly sophisticated malware and technology in the criminal attack. It believes the hackers were searching for intellectual property on medical devices and other equipment, but instead stole data on patients who sought care from its physician practices.

The data included names, addresses, birthdates, telephone numbers and Social Security numbers—all of which are protected under the Health Insurance Portability and Accountability Act (HIPAA). However, the data did not include financial or medical information according to Community. (Beth Kutscher and Joseph Conn, Modern Healthcare, 8/18/2014)

The FBI has warned that healthcare industry companies are being targeted by hackers, publicizing the issue following an attack on U.S. hospital group Community Health Systems Inc that resulted in the theft of millions of patient records.

"The FBI has observed malicious actors targeting healthcare related systems, perhaps for the purpose of obtaining Protected Healthcare Information (PHI) and/or Personally Identifiable Information (PII)," the agency said in a "Flash" alert obtained by Reuters on Wednesday.

"These actors have also been seen targeting multiple companies in the healthcare and medical device industry typically targeting valuable intellectual property, such as medical device and equipment development data," the one page document said.

The FBI and Department of Homeland Security periodically release alerts to provide U.S. businesses with technical details and other information they can use to either prevent or identify cyber attacks. Such reports are typically only issued to businesses and not distributed to the general public.

The FBI has been concerned about healthcare providers for several months. In April, it warned the industry that its systems were lax compared with other sectors, making it vulnerable to hackers looking to access bank accounts or obtain prescriptions.(Jim Finkle, Reuters, 8/20/25014)