Image: Jonathan Borba via Unsplash
Image: Jonathan Borba via Unsplash

Tampa hospital says sensitive data of 1.2 million stolen in failed ransomware attack

One of the largest hospitals in Florida said hackers stole the sensitive data of more than 1.2 million patients during an attempted ransomware attack in May.

Tampa General Hospital has about 7,000 employees and more than 1,000 beds for patients who come from multiple counties in the region.

The hospital published a notice on Thursday explaining that it detected unusual activity on its network on May 31 and quickly contained the activity, noting that it “effectively prevented encryption, which would have significantly interrupted the hospital’s ability to provide care for patients.”

But after conducting an investigation with the assistance of a forensic firm, they discovered that the hackers were in the hospital’s network from May 12 to May 30 and accessed the sensitive information of more than 1.2 million people before trying to encrypt the data, the Tampa Bay Times reported.

This sensitive information includes names, addresses, phone numbers, dates of birth, Social Security numbers, health insurance information, medical record numbers, patient account numbers, dates of service and/or treatment information used by the hospital for its business operations.

The hospital reported the incident to the FBI and provided information about the hackers. The hackers did not access the hospital’s electronic medical record system, according to the statement.

Tampa General Hospital said it will be contacting those affected and will be providing free credit monitoring services to those who had their Social Security numbers accessed. The hospital did not respond to requests for comment about how many people had their Social Security numbers leaked.

“Patients are encouraged to review statements from their health insurer and healthcare providers, and to contact them immediately if they see any services they did not receive,” the hospital said.

On Wednesday, the Snatch ransomware group added the hospital to its leak site, according to cybersecurity expert Dominic Alvieri.

Image: Dominic Alvieri

The hospital told local news outlet Fox13 that it declined to pay the ransom issued but did not say what the ransom demand was or who was behind the attack.

Since 2019, the Snatch gang has been implicated in a number of high-profile attacks, including the Metropolitan Opera, a school district in Wisconsin and Swedish automaker Volvo. It was most recently implicated in the ransomware attack on the California city of Modesto.

The notice comes just one week after one of the biggest healthcare companies in the U.S. – HCA Healthcare announced a data breach affecting 11 million people. The company – which runs several hospitals across the U.S. – is now facing several class action lawsuits due to the breach.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.