Hackers Steal Info For 4.5 Million Hospital Patients

The new week begins much like the previous week ended — with news of another massive data breach. The latest hack victims are the millions of patients of Community Health Systems, which operates more than 200 hospitals in 29 states.

Re/code points to a recent SEC filing from the hospital chain, in which it reveals that it learned in July that its computer network “was the target of an external, criminal cyber attack” that lasted from April to June 2014.

CHS states that the believed source of the hack is an “Advanced Persistent Threat” group from China that was “able to bypass the Company’s security measures and successfully copy and transfer certain data outside the Company.”

The bad news is that the hack compromised “non-medical patient identification data” for around 4.5 million patients who visited the hospitals or one of its affiliated doctors during the the last five years. Data stolen in the hack included patient names, addresses, birth dates, telephone numbers and Social Security numbers

The not-horrible news is that CHS says it has confirmed the stolen data did not include credit card, medical or clinical information.

CHS says it will be offering identity theft protection services to individuals affected by the attack.