Tampa General Hospital, a prominent healthcare facility, faced a significant data breach, as hackers successfully infiltrated their network and exfiltrated sensitive health information belonging to nearly 1.2 million patients.
The breach was discovered on May 31, 2023, prompting immediate measures to prevent further unauthorized access, and a third-party digital forensics firm was engaged to investigate the incident‘s nature and extent.
The investigation revealed that unauthorized individuals had access to the hospital’s network for three weeks between May 12 and May 30, 2023, during which they managed to steal patient information. The compromised data included a range of personal details such as names, addresses, phone numbers, Social Security numbers, medical record numbers, patient account numbers, dates of service, health insurance information, and limited treatment data.
Although data theft occurred, Tampa General Hospital’s security systems thwarted the hackers’ attempt to encrypt the stolen files in what appeared to be an attempted ransomware attack.
To prevent future data breaches, the hospital has taken proactive measures to strengthen its systems by implementing additional technical security measures and intensifying network monitoring. As a result, any potential future security breaches will be rapidly detected.
Tampa General Hospital is committed to notifying all affected individuals, and notification letters will be mailed out as soon as contact information is verified. The hospital is providing complimentary credit monitoring and identity theft protection services to mitigate any potential risks faced by the impacted patients.
Tampa General Hospital’s recent breach highlights the increasing threat of cyberattacks in the healthcare sector, necessitating stronger security measures to safeguard sensitive patient information. The hospital’s response to the incident demonstrates their dedication to protecting patient data and ensuring transparency in addressing such events. As the situation unfolds, further investigations into the breach will be conducted, and Tampa General Hospital will continue to prioritize the security of its patients’ data in the face of evolving cyber threats.