The personal information stolen by the hackers includes Names, Social Security numbers, addresses, birth dates and telephone numbers from over 4.5 million patients whose data was compromised in the cyber attack which occurred during April and June of this year.



The company suspects that the attacker was using “highly sophisticated malware and technology to attack the company’s systems” and is possibly operating out of China. Federal Authorities suspect that the hackers were most probably looking to steal medical device and equipment development data, but they were only able to get access to patients personal information.



Anyone who received treatment through the Community Health System, or was simply registered for the treatment during the last five years is affected by the breach.



No credit card information or medical data has been stolen, however with data which has been stolen has sufficient inputs to put the affected victim at the risk of identity fraud. Anyone with access to these data can open bank accounts, take out loan or avail credit card services on the details of the victim.



The company said it is have wiped out the malware from the computer and is working with Federal authorities to track the attacker. The affected patients are separately being informed and the company plans to offer identity theft protection to all of the 4.5 million victims of the data breach.