Feeds

'Chinese crims' snatch 4.5 MILLION patient files from US hospitals

Don't worry, says Community Health Systems, we're insured

Beginner's guide to SSL certificates

One of the largest healthcare providers in the US claims Chinese hackers ran riot through its systems between April and June this year – accessing names, addresses and social security numbers of millions of patients.

But Community Health Systems (CHS) insists no medical records nor any financial data were grabbed by the miscreants. The biz oversees 206 hospitals in 29 states across America.

"Unfortunately, we have joined numerous American companies and institutions who have been victimized by highly sophisticated, criminal cyber-attacks originating out of China," CHS spokesperson Tomi Galin told The Register in a statement today.

"We worked quickly to identify and eradicate the intruder and we are also working closely with federal law enforcement authorities as they pursue the criminals responsible. While we did have security measures in place to protect our computer network and electronically stored information, this attacker used very sophisticated methods to bypass security systems.

"Importantly, no patient medical or financial information was transferred as a result of this intrusion. The company carries cyber and privacy liability insurance. We do not believe this incident will have a material adverse effect on our business or financial results."

According to an 8K filing [PDF] to US financial watchdog the Securities and Exchange Commission, the attackers were trying to get hold of medical device and equipment development data, but were prevented from grabbing it by the security systems the Fortune 500 company had in place.

What the hackers did get hold of was 4.5 million records detailing the names, addresses, birth dates, telephone numbers and social security numbers of patients who have used the hospital chain during the past five years. According to the filed paperwork:

The company and its forensic expert, Mandiant (a FireEye Company), believe the attacker was an “Advanced Persistent Threat” group originating from China who used highly sophisticated malware and technology to attack the company’s systems. The attacker was able to bypass the company’s security measures and successfully copy and transfer certain data outside the company.

All affected citizens are now being contacted, the hospital group said, and identity theft protection will be offered to those who are targeted from the data swiped from its servers. Since the hospital is insured against such attacks, the financial effects should be minimal, the 8K filing states, but that hasn't impressed some in the security industry.

"The unfortunate reality is that most (but not all) of the healthcare providers have little concern for nor have they invested in IT security. There is no incentive for them to invest, nor is there any material consequence of their failure to protect their infrastructure," said Philip Lieberman, president of password and identity management biz Lieberman Software.

"The funny postscript to this article is that Community Health's stock was up 48 cents at $51.48 in late-morning trading on the New York Stock Exchange, which could be translated to say that a data breach is good for the shareholders. That is how sick IT security is at health care providers."

Last year the Office of National Counterintelligence warned Congress that Chinese hackers and other miscreants are targeting American healthcare companies to get intellectual property pertaining to new drugs and medical equipment. It now appears those warnings were more accurate than first thought. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
Ello? ello? ello?: Facebook challenger in DDoS KNOCKOUT
Gets back up again after half an hour though
Desperate VXers enslave FREEZERS in DDoS bot
Updated Spike malware targets Asia
Heatmiser digital thermostat users: For pity's sake, DON'T SWITCH ON the WI-FI
A stranger turns up YOUR heat with default password 1234
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.