• The U.S. Department of Health and Human Services (HHS) is investigating a suspected ransomware attack against Tallahassee Memorial Healthcare (TMH) that potentially compromised personal data of over 20,000 individuals.
• TMH disclosed that exposed data may include names, addresses, dates of birth, Social Security numbers, health insurance information, medical record numbers, patient account numbers, and treatment details.
• TMH’s systems were shut down for nearly two weeks due to a security issue, prompting FBI intervention. TMH has not confirmed or denied if it was a ransomware attack, and an anonymous source claimed the hospital was awaiting an insurance payout for ransom demands.

The U.S. Department of Health and Human Services (HHS) officially launched an investigation into a suspected ransomware attack against Tallahassee Memorial Healthcare (TMH). Per the hospital, the breach potentially compromised the personal data of more than 20,000 individuals.

According to the HHS breach database, the agency commenced a formal inquiry on March 31st, classifying the event as a hack or IT compromise. TMH disclosed that potentially exposed data could include names, addresses, dates of birth, Social Security numbers, health insurance information, medical record numbers, patient account numbers, and treatment details.

In a statement, TMH conveyed that it initiated the process of notifying affected patients by mail regarding the potential compromise of their information. Notably, TMH asserted that no financial account or payment card information was implicated in the attack, and TMH’s electronic medical records remained unaffected.

“TMH detected unusual activity involving our computer systems. We took immediate action to contain the event and began an investigation with the assistance of independent experts,” said TMH regarding the attack. “We also reported the incident to law enforcement. The investigation determined that an unauthorized person gained access to our computer network, and obtained certain files from our systems between January 26 and February 2, 2023.”

The hospital encountered a “security issue” on February 3rd, leading to the complete shutdown of its IT systems, and resulting in the rescheduling of all non-emergency patient appointments and the redirection of EMS patients to other local medical facilities.

Apprehensions escalated as TMH’s systems remained inoperable for almost two weeks, prompting the intervention of the Federal Bureau of Investigation (FBI) to investigate and potentially address the persisting issues.

Nevertheless, the details of the incident remain ambiguous. Despite inquiries made by The Capitolist, TMH’s public relations officers declined to confirm or deny if the issue was indeed a ransomware attack, which typically involves the introduction of malware into an organization’s electronic systems with the aim of disrupting operations until ransom demands are fulfilled.

Furthermore, an anonymous source revealed that TMH had been awaiting an insurance payout to fulfill ransom demands associated with the suspected attack, several days prior to the resumption of normal activities. However, when approached for comment on this claim, hospital representatives chose not to respond.

The Capitolist attempted to reach the U.S. Department of Health and Human Services for comment.