Cookies help us display personalized product recommendations and ensure you have great shopping experience.

By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData CollectiveSmartData Collective
  • Analytics
    AnalyticsShow More
    sales and data analytics
    How Data Analytics Improves Lead Management and Sales Results
    9 Min Read
    data analytics and truck accident claims
    How Data Analytics Reduces Truck Accidents and Speeds Up Claims
    7 Min Read
    predictive analytics for interior designers
    Interior Designers Boost Profits with Predictive Analytics
    8 Min Read
    image fx (67)
    Improving LinkedIn Ad Strategies with Data Analytics
    9 Min Read
    big data and remote work
    Data Helps Speech-Language Pathologists Deliver Better Results
    6 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-25 SmartData Collective. All Rights Reserved.
Reading: Largest HIPAA Breach Ever: Hackers Steal Data on 4.5 Million Community Health Systems Patients
Share
Notification
Font ResizerAa
SmartData CollectiveSmartData Collective
Font ResizerAa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > Uncategorized > Largest HIPAA Breach Ever: Hackers Steal Data on 4.5 Million Community Health Systems Patients
Uncategorized

Largest HIPAA Breach Ever: Hackers Steal Data on 4.5 Million Community Health Systems Patients

onlinetech
onlinetech
5 Min Read
SHARE

There’s a new leader on the U.S. Department of Health & Human Services’ Wall of Shame.

There’s a new leader on the U.S. Department of Health & Human Services’ Wall of Shame.

A hacking group known as “APT 18” is suspected of stealing names, Social Security numbers, addresses, birthdays and telephone numbers from 4.5 million patients of Community Health Systems, a network of 206 hospitals across 29 states (see map at right). Credit card numbers and medical records were not accessed.

It’s the largest attack involving patient information since the HHS started tracking HIPAA breaches in 2009, passing a Montana Department of Public Health breach that affected roughly 1 million people.

More Read

“I Need to Get All This Data Together!”
A ’service-oriented architecture’ for data makes sense
Three to Five
Some CTO Vision: Is the future still the same?
The Great Recession: Things Are Different Now

Patients who were referred or received services from doctors affiliated with Community Health Systems in the last five years were affected, the company reported in a regulatory filing on Monday. The sophisticated malware attacks occurred in April and June.

According to numerous news reports, security experts said the hacker group may have links to the Chinese government. Charles Carmakal, managing director of the Mandiant forensics unit, hired by the hospital group to consult on the hack, told Reuters that “APT 18” typically targets companies in the aerospace and defense, construction and engineering, technology, financial services and healthcare industry.

In an Online Tech webinar titled “Why is it So Hard to Secure a Company,” security expert Adam Goslin discussed how the past decade has seen “a continuous and steady increase in attempts by specifically the Chinese attempting to gain intellectual property.”

According to a CNN report, Mandiant and federal investigators told the hospital network that the hacking group has previously conducted corporate espionage to target information about medical devices. This time, however, the bounty was patient data.

Community Health Systems stated in a release: “Our organization believes the intruder was a foreign-based group out of China that was likely looking for intellectual property. The intruder used highly sophisticated methods to bypass security systems. The intruder has been eradicated and applications have been deployed to protect against future attacks.”

In his aforementioned webinar, Goslin, the CEO of Total Compliance Tracking, detailed examples of the value of intellectual property theft:

One of the stories that the FBI was bringing up was the Chinese were trying to get into a manufacturing facility to get a sample of a rinse solution for some type of a glass manufacture. It was a coating for glass and they couldn’t figure how they were doing it. So, the Chinese were trying to get a hold this of this rinse solution in the manufacturing setting. …

There was a story of an organization that had spent some number of years developing a patent. They were just about to file it and found that they have gotten hacked by the Chinese. The Chinese filed for the patent. Because the organization’s entire business revolved around this work, they literally had to pay royalties to the Chinese just to use the patent that they developed themselves that got hacked out from under them.

The value of personal information is clear: Hackers can sell the information to those looking to steal identities. And hospital networks are becoming a hotbed for finding that information.

Michael “Mac” McMillan, CEO of security consulting firm CynergisTek, told Modern Healthcare that hospitals are “going to become a bigger and bigger target as the hacking community figures out it’s easier to hack a hospital than it is to hack a bank and you get the same information. I’m not sure healthcare is listening yet.”

McMillan told the website there has been a spike in hacking activity directed at hospitals this year:

“I know at least a half a dozen or so hacks against hospitals we work with where the data wasn’t transferred, but it still caused a lot of disruption,” McMillan said. “But it wasn’t a HIPAA issue, so it didn’t get reported.”

TAGGED:data securityprivacy
Share This Article
Facebook Pinterest LinkedIn
Share

Follow us on Facebook

Latest News

sales and data analytics
How Data Analytics Improves Lead Management and Sales Results
Analytics Big Data Exclusive
ai in marketing
How AI and Smart Platforms Improve Email Marketing
Artificial Intelligence Exclusive Marketing
AI Document Verification for Legal Firms: Importance & Top Tools
AI Document Verification for Legal Firms: Importance & Top Tools
Artificial Intelligence Exclusive
AI supply chain
AI Tools Are Strengthening Global Supply Chains
Artificial Intelligence Exclusive

Stay Connected

1.2kFollowersLike
33.7kFollowersFollow
222FollowersPin

You Might also Like

big data security 2017-18
Best PracticesComputingData ManagementExclusiveRisk ManagementSecurity

The Direst Security Breaches of 2017 and How Data Centers Are Responding

5 Min Read
database compliance guide
Data Management

Four Strategies For Effective Database Compliance

8 Min Read
blockchain security problems
BlockchainExclusiveSecurity

Is Blockchain The Answer To Blockchain Security Problems?

7 Min Read
gmail security tools to use
Big DataSecuritySoftware

4 Brilliant Ways To Use Big Data To Boost Gmail Security

6 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

giveaway chatbots
How To Get An Award Winning Giveaway Bot
Big Data Chatbots Exclusive
ai in ecommerce
Artificial Intelligence for eCommerce: A Closer Look
Artificial Intelligence

Quick Link

  • About
  • Contact
  • Privacy
Follow US
© 2008-25 SmartData Collective. All Rights Reserved.
Go to mobile version
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?