(AP) -- The owner of Porter Regional Hospital said a cyberattack took
information on more than 4 million patients from its computer network
earlier this year.
Systems Inc., headquartered in Franklin, Tenn., said Monday that no medical
or credit card records were taken in the attack, which may have happened in
April and June. But Community said the attack did bypass its security
systems to take patient names, addresses, birthdates, phone, and Social
operator said it believes the attack came from a group in China that used
sophisticated malware and technology to get the information. Community
Health has since removed the malware from its system and finalized “other
remediation efforts” to prevent future attacks.
A spokeswoman did
not immediately respond to a request from The Associated Press seeking
comment on the attacks.
that was taken came from patients who were referred to or received care from
doctors tied to the company over the past five years.
Systems Inc. is notifying patients affected by the attack and offering them
identity theft protection services. The company owns, leases, or operates
206 hospitals in 29 states.
The attack follows
other high-profile data security problems that have hit retailers like the
e-commerce site eBay and Target Corp. Last year, hackers stole from Target
about 40 million debit and credit card numbers and personal information for
70 million people.
Shares of Community
Health climbed 38 cents to $51.38 late Monday morning, while broader trading
indexes also rose less than 1 percent.