Tampa General Hospital (TGH) has recently disclosed a significant data breach that has affected the personal information of approximately 1.2 million patients. According to an incident notice released by the hospital, the breach was detected on May 31, 2023, when unusual activity was identified in their computer systems.
“We immediately took steps to contain the activity and began an investigation with the assistance of a third-party forensic firm,” the notice read. “Fortunately, TGH’s monitoring systems and experienced technology professionals effectively prevented encryption, which would have significantly interrupted the hospital’s ability to provide care for patients.”
However, an investigation revealed that unauthorized access had occurred between May 12 and May 30, 2023, during which specific files containing sensitive patient data were extracted. “The information varied by individual,” TGH said. “But may have included names, addresses, phone numbers, dates of birth, Social Security numbers, health insurance information, medical record numbers, patient account numbers, dates of service and/or limited treatment information used by TGH for its business operations.”
“In light of this breach, all affected individuals should protect themselves immediately,” commented Dasera CEO, Ani Chaudhuri. “Monitoring financial accounts closely, reviewing credit reports regularly, and remaining vigilant for any suspicious activity is crucial.”
Despite the severity of the breach, Tampa General Hospital assured the public that its “electronic medical record system was not involved or accessed.” The hospital has officially notified the FBI regarding a security breach and is actively collaborating to assist in the investigation to uncover the individuals responsible for the cyber-attack.
In response to the breach, Tampa General Hospital is taking comprehensive action to strengthen its cybersecurity defenses. Additionally, the hospital will be sending notification letters to affected individuals, and those whose Social Security numbers were compromised will be provided with complimentary credit monitoring and identity theft protection services.