Amid an influx of cyberattacks on med tech outfits and affiliated companies, one of the nation's largest hospital groups revealed that it was the target of external hackers.
Franklin, TN-based Community Health Systems said its computer network was breached by a group originating in China in April and June, leaving data from 4.5 million patients vulnerable, The Wall Street Journal reports. The hacker transferred nonmedical patient identification data including patient names, addresses, birth dates, telephone and Social Security numbers, but did not gain access to credit card, medical or clinical information.
The company said it was notifying patients and working with federal authorities to investigate the attack, and that it would offer identify-theft protection services to those individuals who were affected by the data breach, according to its regulatory filing.
Community Health Systems is not the only company plagued by the recent slew of cyberattacks. In June, med tech giant Medtronic ($MDT) revealed that its systems were hacked in 2013, an "unauthorized intrusion" that could be traced to attackers in Asia. The report hearkened back to rumors that circulated earlier this year, as the San Francisco Chronicle reported in February that Medtronic and fellow med tech heavyweights Boston Scientific ($BSX) and St. Jude Medical ($STJ) were hit by a "thorough" attack that possibly originated in China.
The FDA has taken note and is rolling out new measures to boost its cybersecurity efforts. Last year, the agency issued formal guidance for cybersecurity and created a "cybersecurity laboratory" which stages deliberate attacks on devices to weed out any defects that could leave the products vulnerable to hackers.
- read the WSJ story (sub. req.)
- get more from the Chicago Tribune
- here's the company's 8-K filing