4.5 Million Records Compromised
Community Health Systems, a group that runs 206 hospitals in 29 states, is notifying 4.5 million people that their personal data was stolen in breaches that happened in April and June of this year.
Information that can be used in identity theft include names, addresses, phone numbers, social security numbers, and dates of birth was stolen using techniques that are similar to those used by a Chinese criminal Advanced Persistent Threat (APT) group who have broken into other systems before. No credit card or medical information was stolen.
Malware downloaded onto Community Health Systems networks allowed the hackers to access personal information. The Malware has since been eradicated, but damage to the patients remains to be seen. Individuals who have to monitor their credit for fraud because of the personal data transferred will need to be vigilant for years to come.
Advanced Persistent Threats like the one that compromised Community Health Systems are preventable with the right combination of military-grade operational analysis, Zero-Minute Defense behavior-based filtering technology, and human review that ensures that malware is not injected into your network.