AMORY – Limited personal identification data belonging to some patients who were seen at Amory Physician Practice Management during the past five years was transferred out of the organization in a criminal cyber attack by a foreign-based intruder, according to a press release from Gilmore Memorial Regional Medical Center.
The transferred information did not include any medical information or credit card information, but it did include names, addresses, birthdates, telephone numbers and social security numbers.
Gilmore is taking the security and confidentiality of private patient information very seriously and sincerely regrets any concern or inconvenience this event may cause for its patients.
Though the hospital has no reason to believe that this data would ever be used, all affected patients are being notified by letter and offered free identity theft protection.
The organization believes the intruder was a foreign-based group out of China that was likely looking for intellectual property. The intruder used highly sophisticated methods to bypass security systems. The intruder has been eradicated and applications have been deployed to protect against future attacks.
A statement released by Gilmore’s parent company, Community Health Services, states the computer network is believed to have been targeted by criminal cyber attacks in April and June 2014 and 4.5 million individuals may have been targeted.
The company, which operates 12 hospitals in Mississippi, is working with federal law enforcement authorities in their investigation and will support prosecution of those responsible for this attack.
Many American companies and organizations have been victimized by foreign-based cyber intrusions.
“It is up to the Federal Government to create a national cyber defense that can prevent this type of criminal invasion from happening in the future,” the company statement said.