Community Health Systems, Inc. (“CHS”) reported yesterday that the information of approximately 4.5 million individuals has been affected by a Chinese cyber-attack. CHS and its affiliates own and operate 206 hospitals in 29 states.
CHS stated in a report filed with Securities and Exchange Commission on Monday that the attackers, believed to be a group originating in China, “used highly sophisticated malware and technology to attack” its computer network.
According to the report, the attackers transferred data outside of the CHS computer network including patient names, addresses, birthdates, telephone numbers, and social security numbers. The information did not include patient credit card, medical or clinical information, said CHS.
CHS has removed the malware from its systems and completed remediation efforts to protect against future intrusions, according to the report. CHS is also taking steps to notify the affected individuals as required by applicable federal and state law and will be offering identity theft protection services to affected individuals.
To see a copy of the report filed with the Securities and Exchange Commission, click here.