Community Health Systems breach affects 4.5 million patients

The U.S. hospital operator said personal data, including names and addresses, of about 4.5 million people was stolen from its computer network.

“The company said it and its security contractor, FireEye Inc unit Mandiant, believed the attackers originated from China,” Reuters reports. “They did not provide further information about why they believed this was the case. They said they used malware and other technology to copy and transfer this data and information from its system.”

The data also included birth dates, telephone numbers and Social Security numbers.

The people affected were referred for or received services from doctors affiliated with the hospital group during the past five years.

Authorities said these attacks are typically aimed at gathering intellectual property, such as medical device and equipment development data.

But this time, the data transferred was non-medical patient identification data, according to a Securities and Exchange Commission Regulatory filing.