• Senator Rick Scott urged FBI Director Christopher Wray to investigate a data breach at Tampa General Hospital, suggesting that foreign actors from hostile nations may be responsible.
• The hospital suffered a cybersecurity breach between May 12 and May 30, affecting 1.2 million patients and exposing various types of patient information, including sensitive data like Social Security numbers and medical records.
• Scott asked the FBI to prioritize identifying and prosecuting the attackers, raising allegations about cyberattacks from state-sponsored groups in countries like China, Russia, and North Korea.

Sen. Rick Scott called upon FBI Director Christopher Wray this week, urging him to take action to investigate a large-scale data breach at Tampa General Hospital (TGH), alleging that foreign actors from hostile nations may be responsible.

TGH announced last week that it suffered from a cybersecurity breach between May 12 and May 30, disclosing that an unauthorized third party accessed its network and obtained patient information.

The hospital states that it first detected irregular activity on May 31 and subsequently contracted a third-party forensic agency to investigate the matter. The hack affected 1.2 million patients and involved varying forms of patient information including names, addresses, phone numbers, dates of birth, Social Security numbers, health insurance information, and medical record numbers.

In his letter to Wray, Scott requested that the FBI prioritize its efforts in identifying and prosecuting the perpetrators behind the attack, pointing to the potential involvement of foreign actors.

“We know that several of these cyberattacks come from groups operating in (and likely with the approval of) malign foreign states, like Communist China, Russia, and North Korea,” wrote Scott. “The Cybersecurity & Infrastructure Security Agency has issued multiple notices on Communist China state-sponsored hackers who have exploited security vulnerabilities and are trying to breach critical systems.”

Scott also posed a series of questions to Wray, seeking clarification as to how the FBI is working with health systems to prevent cyberattacks and coordinate investigations following an attack. The senator also inquired whether the agency believes that most of these cyberattacks come from foreign countries and if they have identified specific countries involved.

Scott additionally sought information pertaining to available resources to fully investigate the cyberattacks, and if insufficient, what additional resources or authorities would be needed.

“I urge you to prioritize the investigation of this recent cyberattack against Tampa General Hospital, and hope you will assign all resources necessary to identify, apprehend, and hold accountable the hackers responsible,” Scott said.

TGH is the latest hospital system to report potential ransomware events. Last week, HCA Healthcare, which has 46 hospitals in Florida, reported that approximately 11 million individuals nationwide may have had their personal information compromised by an identified data leak. The breach spanned all 46 HCA hospitals within Florida and extends to more than 150 clinics, including MdNow centers owned by the provider.

Similarly, the U.S. Department of Health and Human Services (HHS) officially launched an investigation into a suspected ransomware attack against Tallahassee Memorial Healthcare (TMH). Per the hospital, the breach potentially compromised the personal data of more than 20,000 individuals.