A Tennessee hospital operator announced that personal information including name, Social Security number and address for about 4.5 million patients was inappropriately accessed as a result of a Chinese cyber attack.
The hospital operator does business at 206 hospitals in 29 states. It advised that the hackers accessed its systems between April and June 2014 by bypassing its security systems. It is believed that the group behind the attack typically targets medical intellectual property, but in this case accessed nonmedical patient data.
The company will be contacting impacted individuals and offering credit monitoring protection. This incident brings to light potential security issues with new electronic medical records.