Community Health Systems was hacked earlier this year by a Chinese group, breaching identification data of 4.5 million individuals associated with the company's physician practices.
According to a federal filing  with the Securities and Exchange Commission, CHS believes the attack took place in April and June. Using malware to attack the company's system, the criminal group transferred certain identification data — including names, addresses, birth dates and social security numbers — of individuals who were referred for or received services from CHS's physician practices.
The Franklin-based company reports it has now eradicated the malware from its systems. According to the company's forensic expert Mandiant, affected data is non-medical but is still protected under the Health Information Portability and Accountability Act, or HIPAA. CHS is notifying affected patients and will be offering identity theft protection services.
Shares of CHS (Ticker: CYH