News 12 at 6 o'clock / Monday, Aug. 18, 2014
Trinity Hospital Of Augusta
AUGUSTA, Ga. (WRDW) -- Kristine Gaylor is not surprised by the latest hacker attack.
"It seems to be happening often, so nothing really. Just a little bit concerned," Gaylor said.
This time the target is Trinity Hospital on Wrightsboro Road. Hospital officials said they believe the intruders were based in China, and used highly sophisticated software to get past security systems at Community Health Systems in Tennessee. The company operates Trinity.
"I've worked so hard for everything I have, and I'd hate for it just to, for somebody to get my social security," Gaylor said.
The hackers stole social security numbers, birth dates, phone numbers along with patient names, and addresses. Information that this young mother thought was safe when she registered as a patient at Trinity.
"I went to get my appendix removed and then this past week I went because I'm pregnant," Gaylor said.
The hospital said the thieves snagged information from patients who were referred to. or received care from doctors connected with the hospital over the past 5 years.
Trinity said medical and credit card information is still safe. Gaylor said the Trinity breach and others like it in recent months is just a sign of the times and it will not stop her from using the hospital for her medical needs.
"I guess it's just the risk you gotta' take," Gaylor said.
Hospital officials said this case is so big and so broad the FBI has stepped into the investigation. Anyone who used Trinity between this past April all the way back to April 2009 could be affected. Community Health Systems which operates Trinity will notify affected patients. It will also provide identity theft protection services. This breach impacts more than 200 hospitals around the country.
Monday, Aug. 18, 2014
FRANKLIN, Tenn. (AP) — Hospital operator Community Health Systems says a cyberattack took information on more than 4 million patients from its computer network earlier this year.
The Franklin, Tennessee, company says no medical or credit card records were taken in the attack, which may have happened in April and June. But Community says the attack did bypass its security systems to take patient names, addresses, birthdates, phone and Social Security numbers.
The information came from patients who were referred to or received care from doctors tied to the company over the past five years.
Community Health Systems Inc. says it is notifying patients affected by the attack and offering them identity theft protection services.
The company owns, leases or operates 206 hospitals in 29 states including Georgia and South Carolina.
(Copyright 2014. The Associated Press.)
12 On Your Side investigative reporter Jerome Collins is currently working to gather more information about what patients of the hospital need to do to protect their identity.
Photo from CNN Money
Statement from Trinity Hospital:
Limited personal identification data belonging to some patients who were seen at physician practices and clinics affiliated with Trinity Hospital of Augusta over the past five years was transferred out of our organization in a criminal cyber attack by a foreign-based intruder. The transferred information did not include any medical information or credit card information, but it did include names, addresses, birthdates, telephone numbers and social security numbers.
We take very seriously the security and confidentiality of private patient information and we sincerely regret any concern or inconvenience to patients. Though we have no reason to believe that this data would ever be used, all affected patients are being notified by letter and offered free identity theft protection.
Our organization believes the intruder was a foreign-based group out of China that was likely looking for intellectual property. The intruder used highly sophisticated methods to bypass security systems. The intruder has been eradicated and applications have been deployed to protect against future attacks. We are working with federal law enforcement authorities in their investigation and will support prosecution of those responsible for this attack.
Many American companies and organizations have been victimized by foreign-based cyber intrusions. It is up to the Federal Government to create a national cyber defense that can prevent this type of criminal invasion from happening in the future.