Why Chinese Hackers Stole 4.5 Million US Hospital Records

Why Chinese Hackers Stole 4.5 Million US Hospital Records

This month's instalment of Chinese hackers stealing your data focuses on breaches at an especially scary type of venue: hospitals. A massive hospital empire that mostly serves small towns and rural areas reports that hackers lifted 4.5 million patient records earlier this year. You might be surprised by what the hackers were after.

The attack affected Community Health Systems, the operators of 206 hospitals in 29 states. The company described the hackers as an "Advanced Persistent Threat" group from China in an SEC regulatory filing and hired a firm called Mandiant to investigate. This was a good choice since Mandiant coined the term "Advanced Persistent Threat" when describing a Chinese Army unit that's been launching similar attacks — a New York Times report last month claimed that this unit was going after smaller federal agencies.

While it's unclear whether the hackers who attacked the hospitals are the same Chinese Army unit, the methods were similar. Re/Code sums up a Mandiant report from last year that describes these types of attacks:

On average, the hackers would spend nearly a year perusing a targeted company's systems looking for sensitive information to steal: Product development plans, manufacturing techniques, business plans and the email messages of senior executives. The point is to help Chinese companies be more competitive.

And that description appears to match up to these most recent attacks. Apparently, the Chinese hackers didn't seek out medical information but rather "non-medical patient identification data related to the Company's physician practice operations." So they're either trying to steal identities or figure out how American doctors work.

Either way, many of you can expect to receive a letter from Community Health Systems in the coming weeks. And hopefully, the inconvenience stops there. [Re/Code]


Comments

    Why Chinese Hackers Stole 4.5 Million US Hospital RecordsBecause Clive Palmer called them Mongrels..! Bedumbump..! :)

    Last edited 19/08/14 8:38 am

    Maybe the Chinese should figure out some stuff of their own.

    I remember when something like a boeing 737 or something similar had to make an emergency landing there a long time ago, before they had modern aircraft in China. They kept it and took the whole thing apart, seeing how it all worked, then put it all back together exactly the same. Except it couldn't fly anymore.

      If you are thinking of this :
      http://en.wikipedia.org/wiki/Hainan_Island_incident
      Then I fail to see how a military incident is comparable to anything here.
      As far as you initial statement - you may want to go look at :
      http://en.wikipedia.org/wiki/List_of_Chinese_inventions
      Deriding a race by the actions of a few is just foolishness.

        Deriding a country be the actions of their government seems fair to me. State sanctioned hacking of basically every fortune 500 company, military contractors etc etc.

        The incident I believe happened before the Iron Curtain or whatever it was called was lifted. Of course they had modern aircraft in 2001. I heard it in a talk somewhere many years ago.

          The iron curtain pertained to Russia and Europe, so not sure of the time frame you are talking. 737s were in around 1970, but I can't find any evidence of what you are talking about.
          A moot point perhaps.
          Anyway - I think if the Snowden stuff (and consequent fallout) has shown us is that, as much as we love pointing fingers at China for being dodgy hackers, that we Aussies dabble aplenty in that space too. We call it Intelligence gathering if it's us - hacking if it's them.

    Either way, many of you can expect to receive a letter from Community Health Systems in the coming weeks.

    Another copy paste job on Gizmodo.

    Community Health Systems letter: We apologize for the loss of your identification. Please change your name, date of birth and residence?

    Wait, so let me get this straight... Chinese hackers stole information from the US health system... in order to be more like them?

    Bloody hell. The US medical system is the poster child for how not to take care of a nation's health. Anyone with even a miniscule degree of control can and should do anything - no really, anything - they can to distance themselves from that farce.

Join the discussion!

Trending Stories Right Now