Updated: 08/19/2014 5:16 AM
Created: 08/18/2014 4:38 PM KSTP.com
By: Stephen Tellier
Your most personal information, from doctors and hospitals, is now a hot target for hackers.
More than four million people across 29 states have just found out their information has been stolen. No Minnesota hospitals have been impacted, but FIVE EYEWITNESS NEWS took a closer look at how often healthcare data breaches happen in our state and what you can do to protect yourself.
Community Health Systems, based in Tennessee, runs more than 200 hospitals nationwide. Patient names, addresses, birth dates and social security numbers were compromised. It could be the largest data breach ever to hit the health care industry and comes just a few months after the FBI warned the industry is more vulnerable to cyber attacks than other sectors like banking and retail.
Dr. Massoud Amin, a cybersecurity expert and director of the Technological Leadership Institute at the University of Minnesota, said that's a big problem, because stolen health care data can do more damage than stolen credit card data. Health care information can allow thieves to access bank accounts, new lines of credit and even buy prescription drugs. Amin said it also sells for about ten times what stolen credit card data sells for on the black market.
"From an attacker's point of view, this is much more bang for their buck to go after this type of information than credit card information," Amin said.
FIVE EYEWITNESS NEWS searched through federal records and found since 2010, more than 74,000 Minnesotans have been victims of large-scale health care data breaches -- those affecting more than 500 patients. But most of those breaches have been the result of incidents like laptop computer thefts and unauthorized access -- not massive hacking like the breach that made headlines on Monday.
In terms of patients protecting their personal information, unfortunately, much of it is simply out of their control. But Amin said the big message for patients is to try to limit your digital footprint -- know who has your information and in what form.
It's important to note that medical files and records weren't stolen in the Community Health Systems breach -- only patients' identifying information.