Franklin, Tenn.-based Community Health Systems said about 1 million of its patients may have been affected by a recent data breach.
The incident involved a file transfer software called GoAnywhere from third-party vendor Fortra, according to a February securities filing. The Fortra breach reportedly happened in late January.
The health system said it is still investigating the extent of the data breach but that it did not interrupt patient care. Community noted that it "may have incurred, and may incur in the future, expenses and losses related to this incident that are not covered by insurance."
Russian ransomware gang Clop has claimed responsibility for the attack.