The below story has been modified to add a statement from Abilene Regional Medical Center and Brownwood Regional Medical Center regarding the Community Health Systems data breach which has affected 206 hospitals, including patients who have visited Abilene Regional Medical Center.
The breach also affects San Angelo Community Medical Center.
For a complete list of affected hospitals, click here.
Affected patients may call 1-855-205-6951 toll-free for more information. Representatives are available from 8 a.m. to 5 p.m. Central Time Monday through Friday.
NEW YORK (CNNMoney)
Community Health Systems, which operates 206 hospitals across the United States, including Abilene Regional Medical Center, announced on Monday that hackers recently broke into its computers and stole data on 4.5 million patients.
Hackers have gained access to their names, Social Security numbers, physical addresses, birthdays and telephone numbers.
Anyone who received treatment from a physician's office tied to a network-owned hospital in the last five years -- or was merely referred there by an outside doctor -- is affected.
The company's hospitals operate in 28 states but have their most significant presence in Alabama, Florida, Mississippi, Oklahoma, Pennsylvania, Tennessee and Texas.
For more information, click here.
Below is a statement from Abilene Regional and Brownwood Regional Medical Center regarding the issue:
Limited personal identification data belonging to some patients who were seen at physician practices and clinics affiliated with Community Health Systems, which include Abilene Regional Medical Center and Brownwood Regional Medical Center, over the past five years was transferred out of each organization in a criminal cyber-attack by a foreign-based intruder. The transferred information did not include any medical information or credit card information, but it did include names, addresses, birthdates, telephone numbers and social security numbers.
We take very seriously the security and confidentiality of private patient information and we sincerely regret any concern or inconvenience to patients. Though we have no reason to believe that this data would ever be used, all affected patients are being notified by letter and offered free identity theft protection.
Our organizations believes the intruder was a foreign-based group out of China that was likely looking for intellectual property. The intruder used highly sophisticated methods to bypass security systems. The intruder has been eradicated and applications have been deployed to protect against future attacks. We are working with federal law enforcement authorities in their investigation and will support prosecution of those responsible for this attack.
Many American companies and organizations have been victimized by foreign-based cyber intrusions. It is up to the Federal Government to create a national cyber defense that can prevent this type of criminal invasion from happening in the future.