|
 Security experts said the hacking group, known as "APT 18," may have
links to the Chinese government.
"APT 18" typically targets companies in the aerospace and defense,
construction and engineering, technology, financial services and
healthcare industry, said Charles Carmakal, managing director with
FireEye Inc's (FEYE.O) Mandiant forensics unit, which led the
investigation of the attack on Community Health in April and June.
"They have fairly advanced techniques for breaking into
organizations as well as maintaining access for fairly long periods
of times without getting detected," he said.
The information stolen from Community Health included patient names,
addresses, birth dates, telephone numbers and Social Security
numbers of people who were referred or received services from
doctors affiliated with the hospital group in the last five years,
the company said in a regulatory filing.
The stolen data did not include medical or clinical information,
credit card numbers, or any intellectual property such as data on
medical device development, said Community Health, which has 206
hospitals in 29 states.
The attack is the largest of its type involving patient information
since a U.S. Department of Health and Human Services website started
tracking such breaches in 2009. The previous record, an attack on a
Montana Department of Public Health server, was disclosed in June
and affected about 1 million people.
Chinese hacking groups are known for seeking intellectual property,
such as product design, or information that might be of use in
business or political negotiations.
Social Security numbers and other personal data are typically stolen
by cybercriminals to sell on underground exchanges for use by others
in identity theft.
Over the past six months Mandiant has seen a spike in cyber attacks
on healthcare providers, although this was the first case it had
seen in which a sophisticated Chinese group has stolen personal
data, according to Carmakal. Mandiant monitors about 20 hacking
groups in China.
NEW SCRUTINY
Cybersecurity has come under increased scrutiny at healthcare
providers this year, both by law enforcement and attackers.
The FBI warned the industry in April that its protections were lax
compared with other sectors, making it vulnerable to hackers looking
for details that could be used to access bank accounts or obtain
prescriptions.
Mandiant has tracked "APT 18" for four years. When asked if the
hackers were linked to the Chinese government, Carmakal said it was
"a possibility" but declined to elaborate.
[to top of second column] |
Another cybersecurity firm, CrowdStrike, which has also been
monitoring "APT 18" for about four years, said it believes the
hackers are either backed by Beijing or work directly for the
government, based on the targets they have chosen.
CrowdStrike Chief Technology Officer Dmitri Alperovitch said his
firm has seen "APT 18" targeting human rights groups and chemical
companies.
"They are of above average skill" among Chinese hackers, said
Alperovitch, whose company dubbed the group "Dynamite Panda."
The issue of Chinese state-sponsored hacking is highly sensitive.
Tensions between Washington and Beijing have grown since May, when a
U.S. grand jury indicted five Chinese military officers on charges
they hacked into American companies for sensitive manufacturing
secrets. China has denied the charges.
FBI spokesman Joshua Campbell said his agency was investigating the
Community Health case, but declined to elaborate.
The Department of Homeland Security said it believed the incident
was isolated, although it shared technical details about the attack
with other healthcare providers. An agency official told Reuters it
was too soon to say who was behind the attack.
Community Health said it has removed malicious software used by the
attackers from its systems and completed other remediation steps. It
is now notifying patients and regulatory agencies, as required by
law.
The company said it is insured against such losses and does not at
this time expect a material adverse effect on financial results.
Community Health's stock rose 66 cents, or 1.3 percent, to close at
$51.66 on the New York Stock Exchange on Monday.
(Reporting by Caroline Humer, Jim Finkle and Shailesh Kuber; Editing
by Dan Grebler and Tiffany Wu)
[© 2014 Thomson Reuters. All rights
reserved.] Copyright
2014 Reuters. All rights reserved. This material may not be
published, broadcast, rewritten or redistributed. |
