It was announced this week that Community Health Systems, one of the largest hospital groups in the U.S., had suffered a data breach conducted by hackers from China.
The breach affected patients who were either referred to or received services from doctors affiliated with the more than 200 CHS hospitals in the last five years, according to a regulatory filing by the company. The breach compromised the information of 4.5 million patients, including Social Security numbers, address, phone numbers and emails. The U.S. Department of Health and Human Services believes this may be the largest breach involving patient data since the agency started tracking such statistics on its website in 2009.
According to Charles Carmakal, a cybersecurity expert helping to investigate the breach, the malicious actors appear to be part of a network of sophisticated hackers that has breached other major U.S. companies in a variety of industries.
"They have fairly advanced techniques for breaking into organizations as well as maintaining access for fairly long periods of times without getting detected," Carmakal said in an interview with Reuters.
Community Health Systems was told by federal investigators that the hackers involved in their breach had also been spotted previously engaged in corporate espionage and the theft of privileged information regarding medical devices. It is believed that in this case the attackers only stole patients' personal information and intellectual property was not involved.
Healthcare cybersecurity sorely lacking
The cybersecurity of companies within the medical industry has been under increased scrutiny in recent months by both regulatory bodies and cybercriminals themselves. In fact the FBI previously warned healthcare providers that they were employing lax cybersecurity policies compared with those in other sectors. The lack of sufficient enterprise security makes these companies vulnerable to attacks from hackers looking to steal any data that may be useful, from Social Security numbers to information on how to access prescriptions.
As healthcare providers increasingly utilize technology to keep records and care for patients, the frequency and ferocity of cyberattacks aimed at the medical sector will only grow. As the FBI warned, the cybersecurity efforts of these companies must improve before more patient information is exposed. One of the most reliable ways to protect sensitive enterprise data and networks is to employ security information and event management. SIEM services provide around the clock monitoring of networks and systems to identify any suspicious or nefarious activity. The data collected by SIEM service providers is analyzed and turned into actionable information that can be used by companies to better defend against hackers.