When you think about the personal information most private to you, details about health are generally among the most obvious, and keeping those details safe are of the highest priority. As a result the healthcare industry is highly regulated to prevent patient data from getting into the wrong hands. But while compliance exists to insulate the healthcare industry from mistakes made internally, those same regulations don’t dissuade external actors from attempting to steal the same information.
Community Health Systems (CHS) is the latest to learn that lesson, following an announcement on August 18 that its systems had been compromised by advanced persistent threats, potentially leaking social security numbers and health information belonging to 4.5 million of its patients.
Reuters reports that the incident was committed by a group known as “APT 18” which like many other high-profile hacking groups, is believed to have ties to the Chinese government. Cybersecurity forensics provider Mandiant says that the group is best known for its efforts to steal intellectual property from industrial targets, with the new attack potential indicating a shift in focus towards healthcare.
The breach is the largest event involving patient information that has been identified, since the Department of Health and Human Services began monitoring such incidents in 2009.
CHS is one of the nation’s largest hospital operators in, with facilities in multiple states. The company says that it is currently insured against such events, and that it is in the process of notifying affected patients, as required by state and federal laws.
Mandiant says that the over the last year, they’ve seen an increase in cyberattacks that target healthcare providers, but this event also shows a continued trend of aggressive Chinese based hacker activity.
Earlier this year, the Department of Justice indicted 5 Chinese nationals for their attempts to steal infrastructural plans from power plants, and the U.S. Office of Personnel Management was also the center of a database compromise with suspected ties to China earlier this year.