China Hack Group Hits US Hospitals

Keyboard1

Keyboard1
(Photo : Petras Gagilas)

Personal Data including Social Security numbers of about 4.5 million patients have reportedly been stolen in a recent cyber attack from Chinese hackers, announced a U.S. based hospital firm on Monday.

Community Health Systems Inc. (CYH.N), a premier U.S. hospital group, announced that a group of hackers from China breached into its systems and stole pertinent identification data in April and June this year.

The breach was allegedly done using "highly sophisticated malware and technology" to infiltrate the firm's data security protection, CYH.N said.

Cyber security experts identify the breach as coming from the hacking group known as "APT 18", who allegedly has links to Chinese government.

Charles Carmakal, managing director of Mandiant Forensic unit in FireEye Inc's (FEYE.O), alleges the hacking group as responsible for breaching into aerospace and defense companies.

Madiant group spearheaded the investigation on the 4.3 million patient data breach last April and June.

The cyber hacking group "APT 18" is also known to have hacked into security systems of various financial services, healthcare industry, as well as construction and engineering technology firms, Carmakal added.

The hacking group frequently targets data relating to intellectual property, like product design and development, and data that can be used as leverage in other business or political dealings.

In recent years, hackers that engaged in cyber attacks were known to steal and sell social security numbers and financial data in the black market.
The group is using relatively "[advanced] techniques for breaking into organizations" and main "access for fairly long periods of time without getting detected," Carmakal said in a report from Reuters.

For the past six months, Mandiant has determined series of cyber attacks on healthcare providers.

The recent attack on US hospital group is "the first case" where the Chinese group has stolen personal data, said Carmakal.

The breach included "patient names, addresses, birth dates, telephone numbers and Social Security numbers of patients who sought services from "doctors affiliated with the hospital group in the last five years," reported Mandiant cyber security group.