Hospital untouched by hackers

Published 1:31 pm Monday, August 18, 2014

FRANKLIN—Southampton Memorial Hospital and its patient information were not affected when a group of hackers attacked the computer system of the parent company, Community Health Systems.

“Our clinics were not affected by the data breach reported this morning [Monday] by Community Health Systems,” said Steve Ramey, chief financial officer at Southampton Memorial Hospital.

Ramey later released a statement that CHS made to the Securities and Exchange Commission that day. In it, CHS stated the following:

• The Company confirmed in July that its computer network was targeted by “an external, criminal cyber attack that the Company believes occurred in April and June 2014.”

• That CHS and Mandiant, a forensic expert, think the attacker “was an ‘Advanced Persistent Threat’ group originating from China who used highly sophisticated malware and technology to attack the Company’s systems.”

• The attackers got through CHS computer security and then copied and transferred information externally.

• Both Mandiant and federal authorities told CHS that the intruder “has typically sought valuable intellectual property, such as medical device and equipment development data.”

But in this case, the information “was non-medical patient identification data related to the Company’s physician practice operations and affected approximately 4.5 million individuals… .”

• The information didn’t include “patient credit card, medical or clinical information,” but it did include “patient names, addresses, birthdates, telephone numbers and social security numbers.”

• CHS will notify people affected and provide them with identity theft protection services.

CHS has 200-plus hospitals in the United States, and locally that also includes Southern Virginia Regional Medical Center in Emporia and the Southside Regional Medical Center in Petersburg.