Updated: 08/18/2014 8:32 PM |
Created: 08/18/2014 4:11 PM
By: Blair Miller, KOB.com
CARLSBAD -- A Tennessee-based health center operator that runs the Carlsbad Medical Center said Monday that a cyberattack took information on more than 4 million patients nationally from its computer network earlier this year.
According to the Carlsbad Current-Argus, the Franklin, Tennessee company said that no medical or credit card records were taken in the attack, which may have happened in April and June.
Community Health Systems did say the cyberattack bypassed its security systems to take patient names, addresses, birthdates, and phone and Social Security numbers.
The stolen information came from patients who were referred to or received care from doctors tied to the company over the past five years.
The company owns, leases or operates 206 hospitals nationwide, including six in New Mexico.
The centers in New Mexico are: the Alta Vista Regional Hospital in Las Vegas, Lea Regional Medical Center in Hobbs, Carlsbad Medical Center, Mimbres Memorial Hospital in Deming, Eastern New Mexico Medical Center in Roswell and Mountainview Regional Medical Center in Las Cruces.
The Current-Argus spoke with Melissa Suggs of CMC, who said the hospital is aware of the breach of records and is taking steps to address the issue.
A news release from CMC said the company believes the most compromised patient information pertained to the Pecos Valley Physicians Group.
According to The Associated Press, the hospital operator said it believes the attack came from a group in China that used sophisticated malware and technology to get the information. Community Health has since removed the malware from its system and finalized "other remediation efforts" to prevent future attacks.
Information from the Carlsbad Current-Argus and The Associated Press contributed to this report.