BBB: Callers taking advantage of CHS data breach

Trumbull Memorial Hospital
Trumbull Memorial Hospital

COLUMBUS, Ohio (WYTV) – The Better Business Bureau is warning of personal data theft attempts targeting those whose information may have been compromised by a July data breach at Community Health Systems, operator of three area hospitals.

The BBB said in a statement that it has received complaints from consumers who say they have been contacted by unknown people asking if they want credit protection in the wake of the CHS breach.

CHS is offering free credit protection to those affected by the breach through identity theft protection company Kroll and said that it and Kroll are sending letters, not calling consumers.

Thursday, Ohio Attorney General Mike DeWine urged Ohio residents who received services from or referrals to CHS in the past five years to check their credit reports.

The July security breach compromised patient information, including names, phone numbers and Social Security numbers, according to a government report.

CHS said they believed the attacker to be a group out of China using sophisticated technology to steal valuable information about approximately 4.5 million people, according to the report, filed with the U.S. Securities and Exchange Commission.

CHS operates Trumbull Memorial Hospital and Hillside Rehabilitation Hospital in Warren, Northside Medical Center in Youngstown, which are collectively known as ValleyCare Health System, and Affinity Medical Center in Massillon. It operates 206 hospitals in 29 states nationwide.

The company has been working with federal law enforcement and its security firm, Mandiant, to investigate the breach and said that the malware which caused the data to be leaked has been eliminated.

Federal authorities and Mandiant told CHS that the group has sought data on medical devices and equipment development in the past, but that in this case, the information was non-medical patient identification data.

The 4.5 million people affected are patients served by or referred to CHS.

CHS said the data did not include patient credit card, medical or clinical information but did include patient names, addresses, birth dates, telephone numbers and Social Security numbers.


33 WYTV provides commenting to allow for constructive discussion on the stories we cover. In order to comment here, you acknowledge you have read and agreed to our Terms of Service. Commenters who violate these terms, including use of vulgar language or racial slurs, will be banned. Please be respectful of the opinions of others. If you see an inappropriate comment, please flag it for our moderators to review.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s