Hospital giant Community Health Systems stated on Monday that the personal data of around 4.5 million individuals was compromised by hackers within the attack thought to come from China.
The organization, which runs 206 hospitals in 29 states, noted how the hackers used “sophisticated malware” to attack the business’s security systems and duplicate and transfer hospital details.
The organization used cybersecurity firm Mandiant to analyze the event that it thinks took place April and June.
The company reports that all malware has been pulled from its devices and is at the moment, creating additional provisions to safeguard against future attacks. Federal authorities and Mandiant claim that these attacks generally include the theft of “valuable intellectual property, such as equipment and medical device development data,” but, non-medical patient identification details like addresses and names has been stolen.
The organization said this information “does not include patient credit card, medical or clinical information,” but continues to be secured within the Health Insurance Portability and Accountability Act (HIPAA).
As a result of the breach, the company has informed people whose details where compromised, and is supplying them identify theft protection. Community Health Systems is covered to protect themselves from these types of attacks, and doesn’t believe that its “business or financial results” will be affected.