This month's instalment of Chinese hackers stealing US data focuses on breaches at an especially scary type of venue: hospitals. A massive hospital empire that mostly serves small towns and rural areas reports that hackers lifted 4.5 million patient records earlier this year. You might be surprised by what the hackers were after.
The attack affected Community Health Systems, the operators of 206 hospitals in 29 states. The company described the hackers as an "Advanced Persistent Threat" group from China in an SEC regulatory filing and hired a firm called Mandiant to investigate. This was a good choice since Mandiant coined the term "Advanced Persistent Threat" when describing a Chinese Army unit that's been launching similar attacks—a New York Times report last month claimed that this unit was going after smaller federal agencies.
While it's unclear whether the hackers who attacked the hospitals are the same Chinese Army unit, the methods were similar. Re/Code sums up a Mandiant report from last year that describes these types of attacks:
On average, the hackers would spend nearly a year perusing a targeted company's systems looking for sensitive information to steal: Product development plans, manufacturing techniques, business plans and the email messages of senior executives. The point is to help Chinese companies be more competitive.
And that description appears to match up to these most recent attacks. Apparently, the Chinese hackers didn't seek out medical information but rather "non-medical patient identification data related to the Company's physician practice operations." So they're either trying to steal identities or figure out how American doctors work.
Either way, many of you can expect to receive a letter from Community Health Systems in the coming weeks. And hopefully, the inconvenience stops there. [Re/Code]