Kosciusko Hospital Among Hundreds Struck By Hackers
July 28, 2016 at 4:25 p.m.
By Jordan Fouts-
The attack copied information on patients from the past five years including names, birth dates, addresses and Social Security numbers, all protected under the Health Insurance Portability and Accountability Act. No medical information or credit card numbers were stolen, according to a U.S. Securities and Exchange Commission filing by Community Health.
The attack is believed to have come from a group in China, according to the filing. It occurred in April and June and was confirmed in July by an outside cybersecurity firm.
Community Health operates 206 hospitals in 29 states, including KCH and Lutheran Hospital in Fort Wayne.
“We take very seriously the security and confidentiality of private patient information and we sincerely regret any concern or inconvenience this event may cause for our patients,” KCH Marketing Director Joy Lohse said in a statement Monday. “Though we have no reason to believe that this data would ever be used, all affected patients are being notified by letter and offered free identity theft protection.”
The Chinese group suspected in the attack typically seeks valuable intellectual property, such as medical device and equipment development data, according to the filing. The attack was carried out through “highly sophisticated malware and technology” that was able “to bypass the company’s security measures and successfully copy and transfer certain data outside the company,” states the filing, which also notes the company “completed eradication of the malware from its systems and finalized the implementation of other remediation efforts that are designed to protect against future intrusions of this type.”
“The intruder has been eradicated and applications have been deployed to protect against future attacks,” Lohse said in the hospital’s statement. “We are working with federal law enforcement authorities in their investigation and will support prosecution of those responsible for this attack.”[[In-content Ad]]
Latest News
E-Editions
The attack copied information on patients from the past five years including names, birth dates, addresses and Social Security numbers, all protected under the Health Insurance Portability and Accountability Act. No medical information or credit card numbers were stolen, according to a U.S. Securities and Exchange Commission filing by Community Health.
The attack is believed to have come from a group in China, according to the filing. It occurred in April and June and was confirmed in July by an outside cybersecurity firm.
Community Health operates 206 hospitals in 29 states, including KCH and Lutheran Hospital in Fort Wayne.
“We take very seriously the security and confidentiality of private patient information and we sincerely regret any concern or inconvenience this event may cause for our patients,” KCH Marketing Director Joy Lohse said in a statement Monday. “Though we have no reason to believe that this data would ever be used, all affected patients are being notified by letter and offered free identity theft protection.”
The Chinese group suspected in the attack typically seeks valuable intellectual property, such as medical device and equipment development data, according to the filing. The attack was carried out through “highly sophisticated malware and technology” that was able “to bypass the company’s security measures and successfully copy and transfer certain data outside the company,” states the filing, which also notes the company “completed eradication of the malware from its systems and finalized the implementation of other remediation efforts that are designed to protect against future intrusions of this type.”
“The intruder has been eradicated and applications have been deployed to protect against future attacks,” Lohse said in the hospital’s statement. “We are working with federal law enforcement authorities in their investigation and will support prosecution of those responsible for this attack.”[[In-content Ad]]
Have a news tip? Email [email protected] or Call/Text 360-922-3092