Community Health Systems (CHS), parent company of South Texas Regional Medical Center (STRMC), announced on Monday that it was the target of an external criminal cyber-attack.
The event occurred sometime between April and June, and focused on physician clinics affiliated with its system hospitals. CHS believes the attacker was a foreign based group originating from China which used highly sophisticated malware to bypass the company’s security measures and access existing data on CHS systems.
Jim Resendez, Chief Executive Officer of STRMC, stated ,“ The breach included limited personal identification data belonging to some patients who were seen at local physician practices and clinics affiliated with STRMC over the past five years.
The transferred information did not include any medical information or credit card information, but it did include names, addresses, birthdates, telephone numbers and social security numbers. We are working with federal law enforcement authorities in their investigation and will support prosecution of those responsible for this attack. We take very seriously the security and confidentiality of private patient information and we sincerely regret any concern or inconvenience to patients. All affected patients are being notified by letter and will be offered free identity theft protection.”
A call center has been established to assist patients affected by the data breach. While the call center is primarily for patients who receive letters notifying them that they are affected by the data breach, it will also be prepared to take calls from patients who want to confirm that their information was not affected. Beginning Wednesday August 20th, patients may call 855-205-6951 for more information. .