CENTRAL FLORIDA - The personal information of millions of people could be at risk after a security breach at four central Florida hospitals.
Community Health Systems is involved in a national investigation because hackers apparently breached their records.
The breach could potentially affect 4.5 million patients nationwide who have received treatment at a Community Health Systems hospital within the last five years.
In central Florida, the company operates Wuesthoff hospitals in Melbourne and Rockledge, as well as St. Cloud Regional Medical Center and Monroe Regional Medical Center in Ocala.
According to the company, the hackers were located in China and breached its database sometime in April and June.
Community Health Systems is notifying the patients whose information is at risk and offering them identity theft protection. The company also said its taken security measures so the breach won't happen again.
In a statement, Wuesthoff Health System spokesperson Diana VanDeMark said, "Limited personal identification data belonging to some patients who were seen at physician practices and clinics affiliated with Wuesthoff Health System over the past five years was transferred out of our organization in a criminal cyber-attack by a foreign-based intruder. This does not impact hospital patient data. The transferred information did not include any medical information or credit card information, but it did include names, addresses, birthdates, telephone numbers and social security numbers.
VanDeMark continued, "We take very seriously the security and confidentiality of private patient information and we sincerely regret any concern or inconvenience to patients. Though we have no reason to believe that this data would ever be used, all affected patients are being notified by letter and offered free identity theft protection. Our organization believes the intruder was a foreign-based group out of China that was likely looking for intellectual property. The intruder used highly sophisticated methods to bypass security systems. The intruder has been eradicated and applications have been deployed to protect against future attacks. We are working with federal law enforcement authorities in their investigation and will support prosecution of those responsible for this attack. Many American companies and organizations have been victimized by foreign-based cyber intrusions. It is up to the Federal Government to create a national cyber defense that can prevent this type of criminal invasion from happening in the future."