Patients at eight hospitals in South Carolina may have been the victims of a large cyber-attack earlier this year.
The eight medical centers are all part of Community Health Systems — a Tennessee-based company that operates more than 200 hospitals nationwide. Officials said Monday that no medical or credit card records were taken in the attack which may have happened in April and June, but the hackers did make off with names, addresses, phone numbers, and Social Security numbers.
The affected hospitals in South Carolina are Mary Black Health System in Spartanburg, Carolinas Hospital System in Florence and Marion, Chester Regional Medical Center, Chesterfield General Hospital, Marlboro Park Hospital in Bennettsville, Carolina Pines Regional Medical Center in Hartsville, and Springs Memorial Hospital in Lancaster.
The company said anyone who was either treated at or referred to those hospitals in the last five years is affected. In all, the company believes 4 million patients had sensitive information compromised.
“We take very seriously the security and confidentiality of private patient information and we sincerely regret any concern or inconvenience to patients,” the company said in a statement. “Though we have no reason to believe that this data would ever be used, all affected patients are being notified by letter and offered free identity theft protection.
Community Health Systems said that cybersecurity experts it hired have determined the hackers were based in China and used high-end, sophisticated malware to launch the attacks.