The company that runs Watsonville Community Hospital says a cyberattack took information on more than 4 million patients from its computer network earlier this year, The Associated Press reported.
Community Health Systems Inc., based in Franklin, Tenn. said this week that no medical or credit card records were taken in the attack, which may have happened in April and June. The hospital operator did say, however, that the attack did bypass its security systems to take patient names, addresses, birthdates, and phone and Social Security numbers.
Community Health Systems took over operation of the formerly locally-owned Watsonville Community Hospital in 1998. The company is one of the largest hospital groups in the U.S., operating 206 hospitals in 29 states.
According to the Associated Press, he hospital operator said it believes the attack came from a group in China that used sophisticated malware and technology to get the information. Community Health has since removed the malware from its system and finalized "other remediation efforts" to prevent future attacks.
The information that was taken came from patients who were referred to or received care from doctors tied to the company over the past five years.
Community Health Systems is notifying patients affected by the attack and offering them identity theft protection services.