By Bob Brooks
August 19, 2014
You might want to pay attention to this story. Unfortunately, this story is a big deal and one that is getting hardly any press. According to a regulatory filing from Community Health Systems, Chinese hackers have stolen medical records for 4.5 million patients. Community Health Systems runs 206 hospitals in 29 states.
Over the course of 2014, I have written about some pretty major security breeches. However, this is by far the worst because of the type of data stolen - social security numbers. Most of these thefts involve credit card information, emails, etc. This particular one is significant because not only the millions of people who have been compromised but also because of what thieves can do with this information. The social security number is the entry into identity theft. In order to open a credit account, all you need is a social security number.
Unfortunately, the company is concerned about Texas because of the number of hospitals in the state. Supposedly, the company is going to contact anyone that they feel has been compromised. I wouldn't stick around for that. If you know you have been to one of these hospitals in the last 5 years, you are at high risk for identity theft.
The company will probably inform you with a sense of urgency. Rarely, do they give the right advice as how to proceed. Here are the steps I would take:
1) If you have the luxury to do so, set up an identity freeze on your 3 credit report files.
This is the ultimate protection because you in a sense put a lock and key on your credit file. You are the only person that can access your credit files. There is a cost associate with the locking and unlocking of your files. However, I believe that if you were involved in a security breech that you are able to lock them down for free.
2) Get identity theft monitoring for all 3 credit reporting agencies
This is the first line of defense against identity theft. If someone is trying to access your credit, a good service will notify you immediately and you can take the action to stop it.
What about these other companies who claim to protect you on every level?
This isn't an industry with a stellar reputation. Until a company like Lifelock can explain how they are going to figure out one Joe Smith from another or determine ahead of time that someone else is using your credit card fraudulently, I wouldn't waste the money. After all, Lifelock's first "no.1 identity theft system" was simply to call the credit reporting agencies and put a fraud alert on your file and continue to renew it. Eventually they were successfully sued and told to cease and desist.
Miraculously they came up with another state of the art system. Maybe it is the cynic in me. I find it hard to believe that it is worth the money.
Once again, if you are contacted by this company for the reason of potential identity theft, I would take action. If you know you were at one of these hospitals in the last 5 years I would be proactive.