Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack

A Tallahassee hospital has been forced to divert patients to other facilities and cancel all non-emergency surgical procedures after being hit by a cyberattack that began on Thursday night.

Tallahassee Memorial HealthCare – one of the biggest hospitals serving a 21-county region in north Florida and south Georgia – said they have had to take their IT systems offline due to the security issue. 

“We are also diverting EMS patients and will only be accepting Level 1 traumas from our immediate service area. All non-emergency surgical and outpatient procedures have been canceled and rescheduled,” the hospital said in a statement on Friday.

“As a result of this issue, we have rescheduled non-emergency patient appointments. Patients will be contacted directly by their provider and/or care facility if their appointment is affected.”

Hospital officials said it has created protocols to deal with system downtime designed to minimize disruption and noted that its IT department discovered the attack quickly before working to resolve it. 

The hospital did not respond to requests for comment about the nature of the cyberattack, but sources connected to the situation told Florida Politics that it is a “suspected ransomware attack.”

Tallahassee Memorial HealthCare operates a 772-bed acute care hospital, a surgery and adult ICU center, a psychiatric hospital, multiple specialty care centers and more.

While there has been some debate over whether ransomware attacks on hospitals can be tied directly to any loss of life, several experts said incidents over the last five years were undeniable proof that the attacks are causing significant and tangible real-world harm

“Ransomware attacks on hospitals put lives at risk, it’s as simple as that. And even if they don’t actually kill people, they may well result in patients having worse outcomes than they otherwise would,” Emsisoft ransomware expert Brett Callow told The Record. 

“Cybercriminals have had hospitals in their crosshairs for years, and we still haven’t solved the problem. Last year, 25 U.S. health systems with 290 hospitals between them were impacted by ransomware. Healthcare systems are already stressed and stretched, and attacks from for-profit cybercriminals simply add to their problems. The bottom line is that we need to find better ways to protect our hospitals, and we need to do it quickly. If we do not, it’s very likely that people will die.”


A screenshot of the Telegram channel run by Killnet.

The attack on Tallahassee Memorial HealthCare comes just one day after a group of pro-Russian hackers announced distributed denial-of-service (DDoS) attacks on hospitals in at least 25 U.S. states, knocking several offline for hours. 

Those attacks followed another campaign against dozens U.S. hospitals on Monday

The U.S. Department of Health and Human Services published an alert warning healthcare institutions that the DDoS attacks may eventually lead to ransomware incidents.

“It is likely that pro-Russian ransomware groups or operators, such as those from the defunct Conti group, will heed Killnet’s call and provide support. This likely will result in entities Killnet targeted also being hit with ransomware or DDoS attacks as a means of extortion, a tactic several ransomware groups have used,” HHS warned. 

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.