Tallahassee Memorial Healthcare, Inc.

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Tallahassee Memorial Healthcare (TMH), a non-profit health system serving North Florida and South Georgia, experienced a cyberattack in late January 2023. The cyberattack was detected on February 3, 2023, when unusual system activity was noticed, and TMH secured its systems and engaged a third-party cybersecurity firm to investigate[1][6]. The investigation determined that an unauthorized individual had gained access to TMH’s computer network and exfiltrated certain files between January 26 and February 2, 2023[1][2][4].

The information accessed varied by patient but may include names, addresses, dates of birth, Social Security numbers, health insurance information, medical record numbers, patient account numbers, and limited treatment information related to care received at TMH[1][2][4]. TMH confirmed that its electronic medical record system was not accessed during the attack[1]. The data breach has been reported to the U.S. Department of Health and Human Services’ Office for Civil Rights as affecting 20,376 individuals[1][10].

In response to the breach, TMH has reviewed its security policies, provided additional training to employees, and is offering complimentary credit monitoring and identity protection services to individuals whose Social Security numbers were included[1][4]. TMH began mailing letters to the approximately 20,000 patients who may have been affected on March 31, 2023[2][4]. Patients are encouraged to review statements from their healthcare providers and health insurer and report any inaccuracies[4].

The hospital has established a dedicated, toll-free call center for patients to call with questions at 1-888-567-0040, available Monday through Friday, between 9 a.m. and 9 p.m. Eastern Time[4]. For more information, patients can visit TMH’s website or the dedicated page regarding the IT security event[2][4].

The cyberattack forced TMH to operate under emergency downtime procedures for around two weeks, during which some EMS patients were diverted and non-emergency surgical and outpatient procedures were rescheduled[1][11]. TMH has not verified if a ransom was involved in the incident[2]. The hospital has not released further details about the exact nature of the attack but has stated that it is continually enhancing the security of its electronic systems and the data it maintains to help prevent future events[4].

Citations:

  1. https://www.hipaajournal.com/tallahassee-memorial-healthcare-patient-data-stolen-in-cyberattack/
  2. https://www.tallahassee.com/story/news/local/2023/03/31/tmh-updates-what-information-was-affected-during-cybersecurity-incident/70069655007/
  3. https://healthitsecurity.com/news/tallahassee-memorial-provides-healthcare-data-breach-notice
  4. https://www.tmh.org/news/2023/notice-to-patients-regarding-it-security-event
  5. https://qz.com/a-hidden-system-of-exploitation-underpins-us-hospitals-1850888315
  6. https://www.portnox.com/blog/cyber-attacks/examining-the-tallahassee-memorial-hospital-cyber-attack/
  7. https://www.bankinfosecurity.com/florida-hospital-begins-breach-notification-post-attack-a-21616
  8. https://www.tmh.org/news/2023/disclosure-regarding-eso-inc-breach-and-patient-information
  9. https://www.jems.com/news/eso-says-2-7-million-affected-by-data-breach/
  10. https://www.wtxl.com/news/local-news/u-s-health-and-human-services-investigating-it-security-incident-at-tallahassee-memorial-healthcare
  11. https://www.fiercehealthcare.com/health-tech/tallahassee-hospital-takes-it-systems-offline-postpones-procedures-after-apparent-cyber
  12. https://www.jdsupra.com/legalnews/tallahassee-memorial-healthcare-posts-3912510/
  13. https://health.wusf.usf.edu/health-news-florida/2023-02-16/tallahassee-memorial-resolves-it-threat-and-operations-are-returning-to-normal
Breach Submission Date Mar 31, 2023
Converted Entity Name Tallahassee Memorial Healthcare, Inc.
Converted Entity Type Healthcare Provider
State FL
Individuals Affected 20,376
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes