Patients offered free protection after hacker attack
Aug 19, 5:47 p.m.
About 4.5 million people whose personal information was accessed by hackers who breached security at Community Health Systems, which owns a network of hospitals, including five in Georgia, will be offered free identity theft protection.
Community Health Systems owns East Georgia Regional Medical Center.
The hackers are believed to be "a foreign-based group out of China," according to a statement released Tuesday by Community Health Systems.
EGRMC marketing director Jill Cairney said the only statement to be released is the one from CHS. The hospital's CEO, Bob Bigley, was not available for comment Tuesday.
"Limited personal identification data belonging to some patients who were seen at physician practices and clinics affiliated with East Georgia Regional Medical Center over the past five years was transferred out of our organization in a criminal cyber-attack by a foreign-based intruder," the statement reads. "The transferred information did not include any medical information or credit card information, but it did include names, addresses, birthdates, telephone numbers and social security numbers."
Anyone affected by the breach will receive a letter within the next few days explaining the breach of security and providing information on the free identity theft protection, Cairney said.
Statesboro police Cpl. Justin Samples advises citizens who may have had information stolen to maintain a close watch on credit reports and accounts to catch any unauthorized activity.
Aside from patients who used doctors affiliated with EGRMC, four other Georgia hospitals are affected, according to media reports: Trinity Hospital of Augusta, Barrow Regional Medical Center in Winder, Clearview Regional Medical Center in Monroe and Fannin Regional Hospital in Blue Ridge.
According to the release, CHS officials believe the hacker group "was likely looking for intellectual property. The intruder used highly sophisticated methods to bypass security systems. The intruder has been eradicated and applications have been deployed to protect against future attacks."
FBI agents are working to learn more about the breach. CHS stated the company will "support prosecution of those responsible for this attack."
According to a "Form 8-K" filed with the Securities and Exchange Commission by CHS, the breach was discovered in July, and the hacking is believed to have taken place in April and June.
The company hired forensic expert Mandiant, which "believes the attacker was an ‘Advanced Persistent Threat' group originating from China who used highly sophisticated malware and technology to attack the company's systems."
The hackers were "able to bypass ... security measures and successfully copy and transfer certain data," the form reads. "Immediately prior to the filing of this report, the company completed eradication of the malware from its systems and finalized the implementation of other remediation efforts that are designed to protect against future intrusions of this type."
Federal agents and security experts say "this intruder has typically sought valuable intellectual property, such as medical device and equipment development data. However, in this instance the data transferred was non-medical patient identification data," according to the statement.
The breach affects about 4.5 million patients who visited the targeted hospitals over the past five years. CHS, based in Brentwood, Tennessee, completed its $7.6 billion purchase of Health Management Associates in March. EGRMC was part of HMA, based in Naples, Florida.
While the stolen data did not include patient credit card, medical or clinical information, it is considered protected under the Health Insurance Portability and Accountability Act, or HIPAA, because it includes patient names, addresses, birthdates, telephone numbers and social security numbers, the statement reads.
Holli Deal Saxon may be reached at (912) 489-9414.