Canadian Healthcare Technology Logo
  • Issues
    • Current Print Issue
    • Print Archive
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Events
  • Vendors
  • About Us

GE Shop

GE Shop

Enovacom SickKids case study

Enovacom SickKids case study

Privacy & Security

U.S. hospital chain suffers data break-in

August 20, 2014


hackers

FRANKLIN, Tenn. – Community Health Systems, which operates 206 hospitals across the United States, announced this month that hackers recently broke into its computers and stole data on 4.5 million patients.

According to a report by CNN Online, hackers gained access to patient names, Social Security numbers, physical addresses, birthdays and telephone numbers.

Anyone who received treatment from a physician’s office tied to a network-owned hospital in the last five years – or was merely referred there by an outside doctor – is affected.

The large data breach puts these people at heightened risk of identity fraud. It could enable criminals to open bank accounts and credit cards in the names of the patients, thereby ruining their personal credit histories.

The company’s hospitals operate in 28 states but have their most significant presence in Alabama, Florida, Mississippi, Oklahoma, Pennsylvania, Tennessee and Texas.

Community Health Systems (CYH) hired cybersecurity experts at Mandiant to consult on the hack. They have determined the hackers were in China and used high-end, sophisticated malware to launch the attacks sometime in April and June this year.

The FBI said it’s working closely with the hospital network and “committing significant resources and efforts to target, disrupt, dismantle and arrest the perpetrators.”

Federal investigators and Mandiant told the hospital network those hackers have previously been spotted conducting corporate espionage, targeting valuable information about medical devices.

But this time, the hackers stole patient data instead. Hackers did not manage to steal information related to patients’ medical histories, clinical operations or credit cards.

Still, the lost personal information is protected by the Health Insurance Portability and Accountability Act, the federal health records protection law. That means state attorneys general could sue for damages. Under state laws, patients themselves could sue the hospital network for negligence.

The company tried to stem worries about the damages in a filing with the Securities and Exchange Commission, saying that it “carries cyber/privacy liability insurance to protect it against certain losses related to matters of this nature.”

The hospital network said that just before announcement, it managed to wipe the hackers’ malware from its computer systems and implemented protections to prevent similar break-ins. The company plans to offer identity theft protection to the 4.5 million victims of the data breach.

According to ComputerWorld, an industry publication, so far this year about 150 incidents of lost or stolen personal data – either due to hacking or ineptitude – have been reported by medical establishments to the U.S. Department of Health and Human Services.

PreviousNext

WP 900×150

WP 900x150

News and Trends

  • Quebec to invest nearly $1 billion in health IT
  • Seven Ontario organizations launch region-wide EHR system
  • Point-of-care lab technology speeds up bloodwork
  • Progress in e-mental health will require clinician training
  • Technology must be simple to use to solve complex problems
More from the Print Edition

Subscribe

Subscribe

Free of charge to Canadian hospital managers and executives in nursing homes and home-care organizations. Learn More

Follow us on Social Media!

Follow us on Social Media!

Infoway [May2022]

Infoway [May2022]

e-blasts 200×400

e-blasts 200x400

Advertise with us

Advertise with us

Sectra best in KLAS

Sectra best in KLAS

Zebra [May2022]

Zebra [May2022]

WP

WP

MEDICA 2022

MEDICA 2022

WP 900×150

WP 900x150

Advertise with us

Advertise with us

Sectra best in KLAS

Sectra best in KLAS

Zebra [May2022]

Zebra [May2022]

WP

WP

MEDICA 2022

MEDICA 2022

Contact Us

Canadian Healthcare Technology
1118 Centre Street, Suite 207
Thornhill, Ontario, Canada L4J 7R9
Tel: 905-709-2330
Fax: 905-709-2258
info2@canhealth.com

  • Quick Links
    • Current Print Issue
    • Print Archive
    • Events
    • Vendors
    • About Us
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Resources
    • White Papers
    • Writers’ Guidelines
    • Privacy Policy
  • Topics
    • Administrative Solutions
    • Clinical Solutions
    • Companies
    • Continuing Care
    • Diagnostics
    • Education & Training
  •  
    • Electronic Records
    • Government & Policy
    • Infrastructure
    • Innovation
    • People
    • Privacy and Security

© 2022 Canadian Healthcare Technology

The content of Canadian Healthcare Technology is subject to copyright. Reproduction in whole or in part without prior written permission is strictly prohibited. Send all requests for permission to Jerry Zeidenberg, Publisher.

Search Site

Error: Enter a search term

  • Issues
    • Current Print Issue
    • Print Archive
  • Advertise
    • Publishing Schedule
    • Circulation
    • Unit Sizes and Rates
    • Mechanical Requirements
    • Electronic Advertising
    • White Papers
  • Subscribe
    • Print Edition
    • e-Messenger
    • White Papers
  • Events
  • Vendors
  • About Us