Skip to main content

Hackers from China steal info on 4.5 million U.S. hospital patients

08/19/2014 05:03PM, Published by ACL, Categories: In Print



By Steven Hoffman

Staff Writer

Community Health Systems, the Tennessee-based parent company of Jennersville Regional Hospital, reported that it suffered a data breach affecting the personal information of approximately 4.5 million patients after its computer network “was the target of an external criminal cyber attack.”

The hospital company said in a filing with the U.S. Securities and Exchange Commission (SEC) that the attacks took place during April and June of this year. The hacker group responsible for the attack is thought to be operating in China.

According to a spokesperson for the hospital, the compromised data did not include medical, clinical, or credit card information. The hackers did manage to steal private information such as patient names, addresses, birthdates, telephone numbers, and social security numbers.

While the purpose of the attack remains unclear, Community Health Systems said in the SEC filing that the only thing it knows was stolen was “…non-medical patient identification data related to the company’s physician practice operations and affected approximately 4.5 million individuals who, in the last five years, were referred or received services from physicians affiliated with the company.”

Community Health Systems operates 206 hospitals in 29 states throughout the U.S.

Once the attack was detected, Community Health Systems hired Mandiant, a forensic expert, to investigate the incident.  According to the filing with the SEC, the hackers used highly sophisticated malware and technology to attack the company’s systems. The attacker was able to bypass the company’s security measures and copy and transfer certain data outside the company. Community Health Systems has completely eliminated the malware from its systems and implemented other remediation efforts that are intended to protect against such attacks in the future. Additionally, the company is working with federal law enforcement officials in connection with the ongoing investigation into cyber attacks of this kind. 

Community Health Systems will be sending notifications to affected patients and regulatory agencies. The company will also be offering identity theft protection services to individuals affected by the attack.

“We take very seriously the security and confidentiality of private patient information and we sincerely regret any concern or inconvenience to patients,” said the hospital spokesperson in a statement. “Though we have no reason to believe that this data would ever be used, all affected patients are being notified by letter and offered free identity theft protection.”


Like what you're reading? Subscribe to Chester County's free newsletter to catch every headline



jennersville regional hospital community health systems hackers


You might also like


  • Half the Money, all the bottle. Every Tuesday

    08/31/2015
    11:00AM — 09:00PM

    EVERY TUESDAY ‎Half the money, all the bottle.1/2 Price Bottle of Wine / Every Tuesday with your...


  • Debtors Anonymous

    08/31/2015
    06:00PM — 07:00PM

    In D.A., our purpose is threefold: to stop incurring unsecured debt, to share our experience wit...


  • This is a great time to make sure that the students in your house have the most important school ...


  • Clutterers Anonymous

    09/03/2015
    06:00PM — 07:00PM

    Clutterers Anonymous℠ (CLA℠) is a fellowship of men and women who share their experience, strengt...


Chester County High School Sports