Millions of Patient Records Stolen in Community Health Systems Data Breach

Community Health Systems, a company that runs 206 hospitals nationwide, said Monday that hackers gained access to its computers and stole the data of 4.5 million patients, including names, Social Security numbers, addresses, birthdays and telephone numbers. According to a report from CNN Money, every patient who has been treated in a physician’s office tied to the hospital within the past five years, or even referred to an office by an outside doctor, is affected by the data breach.

The attorneys at Morgan & Morgan_ are looking into potential lawsuits against Community Health Systems and need to hear from patients who may have had their data stolen to aid in their investigation.

In trying to discover the cause and method behind the breach, Community Health Systems hired Mandiant, a cyber-security consulting company, to investigate. It was determined that the hackers were based in China and used “high-end, sophisticated malware to launch the attacks” in April and June of 2014. Although mountains of patient data were stolen, reports indicate that the hackers did not take information on patients’ medical histories, operations or credit card information.

The FBI said it is working with Community Health Systems and “committing significant resources and efforts to target, disrupt, dismantle and arrest” those who committed the breach. According to information provided to the company by federal investigators and Mandiant, the hackers who broke into Community Health Systems’ database are known to have previously been involved in other attacks of “corporate espionage,” targeting valuable information on medical devices.

Though Community Health Systems operates hospitals across the United States, they are most visible in Alabama, Florida, Mississippi, Oklahoma, Pennsylvania, Tennessee, and Texas.

Because all personal medical information is federally protected by the Health Insurance Portability and Accountability Act, it is possible that state attorneys general or patients themselves could file suit against the company for negligence.

In light of this massive data breach, the attorneys at Morgan & Morgan are looking into potential lawsuits against Community Health Systems and need to hear from patients who may have had their data stolen to aid in their investigation.

comments