HCA said in a statement that the computers held thousands of files listing unpaid bills from Medicare and Medicaid patients for hospitals in eight states. The records were required for government reports, according to HCA. The data also included some patient Social Security numbers, and in a small number of cases, codes used by the government to identify patient groups.

The computers, which require a password for access, were stolen from a secured building, protected by keypad lock technology and video surveillance, HCA said. Law enforcement agencies, including the FBI, have launched an investigation of the theft, HCA said.

"Authorities believe the computers were stolen by a gang that has committed numerous break-ins in the same area, looking for computers to be sold for their hardware and not the data," HCA said in its statement. "Despite a rigorous testing process and substantial security measures, this incident took place, showing criminals can sometimes bypass even the most effective security."

This theft affects Medicare or Medicaid patients who failed to pay their co-payments or deductibles, resulting in overdue accounts -- as well as Medicare and Medicaid patients who were seen in an HCA hospital in Colorado, Kansas, Louisiana, Mississippi, Oklahoma, Oregon, Texas or Washington, between 1996 and 2006.

HCA officials could not be reached for comment.