Hackers in China steal Texas hospital patient’s identity

St. Joseph Hospital is notifying more than 400,000 current and former clients about “a major cyberattack from China” that compromised their personal data in December 2013, the television station reports.

Former patient Mary Vaughn says she's already seen her identity stolen.

She's frustrated the hospital didn't tell her sooner. "In January someone used my Social Security Number and applied for credit cards with major companies and I was notified of the problem with my credit report," Vaughn told the station.

What she didn't know until 2/11 is that she is one of many people to have had their personal information hacked from a server at St. Joseph Regional Health System in Texas back in December 2013.

IP addresses originated from China and elsewhere.

“Vaughn had been a patient seven years ago and the thieves used the last name she had then. That's why she thinks the identity theft is connected to the security breach at St. Joseph,” the station reports.

Vaughn says she tracked down the person who tried to open up the accounts to an apartment complex in Houston.

"Everything that happened to me was mid-January and I think if they happened more rapidly I'm not saying it wouldn't have happened, but I would have known where this was coming from," she told the station.

It took nearly two months for her to receive a letter from St. Joseph informing her about a problem.

Tim Ottinger, a spokesman for St. Joseph Regional Health Center told the station that “it took forensic experts weeks to figure out what was hacked and also find contact information. Some records dated back ten years.”

So far St. Joseph officials say there's no official confirmation the breach has resulted in any identity thefts.

Ottinger made the following statement regarding Vaughn's case: "We are very sorry to hear about Ms. Vaughn's experience. While there is no reason to believe her experience was related to our data security incident, we want to remind everyone who received a letter from us that they have automatically been enrolled in free ID protection for a year.”

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.