hackers target hospital records
August 20, 2014

4.5 Million US Hospital Patients Could Be Victims Of Chinese Hackers

John Hopton for redOrbit.com - Your Universe Online

The major US hospital group Community Health Systems has revealed that 4.5 million of its patients have had their data stolen by hackers. The attack appears to have originated in China and targets the personal information of patients within the group's system.

Community Health Systems runs 206 hospitals in 29 states and is one of the largest hospital operators in the country, with most of its hospitals in the eastern US. The personal data of patients - such as names, addresses, dates of birth and telephone and social security numbers - have been the focus of the attack, and no credit card details or medical records are said to have been stolen.

Community Health Systems is in the process of notifying patients who may be affected, and say the risk is to those who were referred for or received services from physicians affiliated with the company during the last five years. The company will offer identity theft protection to any patient whose data was stolen.

The aim of the hackers looks to be the gathering of information in order to steal people's identities and then open accounts in their names. However, previous attacks of this nature, TechCrunch quotes Community Health Systems as saying, usually have  target intellectual property such as medical device and equipment development data. Although that has not happened in this case, other elements of the hackers' behavior is familiar. In a filing with the US Securities and Exchange Commission on Monday, the company said the attacker used "highly sophisticated malware and technology to attack the company's systems.”

Community Health Systems hired Mandiant, part of the FireEye security group, to investigate the attacks, which happened between April and June of this year. Beyond revealing the Chinese origins of the attack, neither Community Health Systems nor Mandiant have explicitly stated who they believe the culprits to be, or whether they are thought to be working on behalf of the Chinese government. However, the phrase being used in regard to this incident describing the attack as part of an "advanced, persistent threat," is the same phrase used by Mandiant last year to describe a Chinese Army unit that has been accused of involvement in attacks on the networks of several American, Canadian and British companies since 2006.

The crimes that relate to the accusations involving the Chinese Army are varied, but are mostly concerned with stealing company information such as development plans, manufacturing techniques and details on high level executives, with the aim of making Chinese companies more competitive. The Recode blog has a link to an extensive report from Mandiant on the subject. It is unclear whether the latest focus on a medical company is by other hackers using similar techniques, or if there is a stronger connection.

The recent attack is being investigated by the FBI, while Community Health Systems has said it has taken measures to ensure that a similar breach is not possible in future. However, the networks of medical organizations remain, in many cases, poorly protected.