BLUEFIELD, W.Va. — A local hospital is among facilities across the nation facing the loss of personal information of several million individuals after a foreign cyber attack — possibly from China — was detected.
Community Health Systems, which operates 206 hospitals across the country — including Bluefield Regional Medical Center — confirmed Monday that hackers recently broke into the company’s computer system and stole information on 4.5 million patients.
“Limited personal identification data belonging to some patients who were seen at physician practices and clinics affiliated with Bluefield Regional Medical Center over the past five years was transferred out of our organization in a criminal cyber attack by a foreign-based intruder,” BRMC spokeswoman Becky Ritter said in a statement released Monday. “The transferred information did not include any medical information or credit card information, but it did include names, addresses, birth dates, telephone numbers and social security numbers.
Although the company does not believe that the data would ever be used, all affected patients are being notified by letter and offered free identity theft protection, according to the statement issued by BRMC.
But Ritter says the company believes the hackers were looking for intellectual property instead.
“Our organization believes the intruder was a foreign-based group out of China that was likely looking for intellectual property,” Ritter said. “The intruder used highly sophisticated methods to bypass security systems. The intruder has been eradicated and applications have been deployed to protect against future attacks. We are working with federal law enforcement authorities in their investigation and will support prosecution of those responsible for this attack.”
In July, Community Health Systems, Inc. confirmed that its network was the target of an external, criminal cyber attack, according to a report the company filed with the United States Securities and Exchange Commission. The company believed the cyber attack occurred in April and June this year.
Ritter says the hospital has no reason to believe that this data would ever be used, but all affected patients are being notified by letter and offered free identity theft protection…