The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Tampa General Hospital Says Hackers Exfiltrated the Data of 1.2 Million Patients

Posted By on Jul 20, 2023

Tampa General Hospital has recently confirmed that hackers gained access to its network and stole files containing the protected health information of up to 1.2 million patients.  A security breach was detected on May 31, 2023, when suspicious activity was identified within its network. The affected systems were immediately taken offline to prevent further unauthorized access and a third-party digital forensics firm was engaged to investigate the incident and determine the nature and scope of the attack.

The investigation confirmed that unauthorized individuals had access to its network for three weeks between May 12, and May 30, 2023, during which time they exfiltrated files containing patient information. The information compromised in the incident varied from individual to individual and may have included names, phone numbers, addresses, dates of birth, Social Security numbers, medical record numbers, patient account numbers, dates of service, health insurance information, and limited treatment information. Tampa General Hospital confirmed that the hackers did not gain access to its electronic medical record system.

Tampa General Hospital said this was an attempted ransomware attack and while data theft occurred, its security systems prevented files from being encrypted. Additional technical security measures have now been implemented to harden its systems and prevent further data breaches and network monitoring has been enhanced to ensure that any future security breaches are detected rapidly.

Notification letters will be mailed to affected individuals when contact information has been verified.  Tampa General Hospital said affected individuals will be offered complimentary credit monitoring and identity theft protection services.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Update: The breach has recently been reported to the HHS’ Office for Civil Rights as affecting up to 1,313,636 individuals. 

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist