Last week’s news of a high profile data breach of Tennessee-based Community Health Systems (CHS) has potential implications for Texas community banks and their customers. The company, which owns and operates hospitals in 26 states (including Texas), fell victim to malware which exploited network vulnerability originating from the Heartbleed security flaw. The breach resulted in the loss of critical information on 4.5 million patients including names, birth dates and social security numbers. No medical records or credit card numbers were compromised, according to a company release.
Per the CHS website, it owns or operates 19 hospitals in Texas, including locations in Abilene, Alpine, Big Spring, Brownwood, Cedar Park, College Station, Corsicana, Granbury, Hillsboro, Jourdanton, Laredo, Longview, Lufkin, Mesquite, San Angelo, Tomball, Weatherford and Victoria.
“The case is a warning sign for banks to carefully check all computing devices connected to their networks for vulnerability to Heartbleed and to renew their diligence in monitoring customer accounts for signs of fraud,” wrote Penny Crosman of American Banker. Crosman’s article also includes practical considerations for bankers to take next steps in ensuring that network-connected devices and third-party applications don’t pose a potential risk to bank systems.