Lutheran Health Network patients could receive a letter as early as Thursday or Friday if they are among those affected by hackers' theft of personal data from the hospital network's parent company, Community Health Systems of Franklin, Tenn.
Mailing of the letters will start Wednesday, and all letters will be sent out by Aug. 30, said Lizette Downey, public relations coordinator for Lutheran Health Network. So all patients affected by the data theft should receive a letter by early September, Downey said.
The letters will include information on what patients can do to protect themselves from identity theft, she said. Patients also will receive free identity theft protection for one year, Lutheran Health said Monday.
Community Health Systems reported Monday that hackers apparently attacked its computer system in April and June. The information they stole dates back five years and includes names, addresses, birth dates, telephone numbers and Social Security numbers for more than 4 million patients nationwide. The hackers didn't appear to take any patients' medical or credit card information.
Lutheran Health still doesn't know how many of its patients have been affected by the data theft, Downey said. The statement released Monday said officials believe it involves patients seen at Lutheran Health clinics and physician practices.
In the statement, Lutheran Health said Community Health Systems believes the cyber attack came from a group in China possibly looking to steal “intellectual property” — information about new ideas, inventions or processes. The hackers used sophisticated malware and technology to get through Community Health's computer security system.
Community Health since has removed the malware and has taken steps to prevent future attacks, the statement said.
Community Health owns, leases or operates 206 hospitals in 29 states, The Associated Press reported.