Patients of at least one Oklahoma medical center had their personal information stolen in a data breach affecting 4.5 million patients nationwide, hospital officials confirmed Monday.
Hackers stole data from Community Health Systems in Franklin, Tenn. The company operates 206 hospitals nationwide, including 10 in Oklahoma.
The thieves obtained patient names, addresses, birth dates, telephone numbers and Social Security numbers. The data did not include credit card or medical information, the company reported Monday in a filing with the Securities and Exchange Commission.
Patients of Deaconess Physician Services in Oklahoma City were affected by the breach, while patients of Deaconess Hospital were not, hospital spokeswoman Emily Kezbers said.
Patients from all affected hospitals or medical centers will be notified and offered identity-theft protection services, Community Health Systems said.
The company and cybersecurity firm Mandiant believe the cyberattack occurred in April and June of this year and was carried out by a group in China using sophisticated malware. The FBI is investigating.
The breach affects 4.5 million patients who received treatment or were referred to a Community Health Systems hospital in the past five years. In addition to Deaconess, the company has nine facilities in Oklahoma: Integris Blackwell Regional Hospital; Integris Clinton Regional Hospital; Integris Marshall County Medical Center; Integris Mayes County Medical Center; Integris Seminole Medical Center; Medical Center of Southeastern Oklahoma in Durant; Midwest Regional Medical Center in Midwest City; Ponca City Medical Center; and Woodward Regional Hospital.
Continue reading this story on the...