Tampa General Hospital in Florida was hit with ransomware in May 2023. The cyberattack group responsible tried to steal data to demand a ransom. The hospital prevented this by using proactive monitoring tools.
In an online notice, Tampa General stated that it experienced a cybersecurity event that affected approximately 1.2 million people. This cybersecurity incident also impacted Johns Hopkins All Children’s Hospital, HCA Hospitals, and Hillsborough County.
The breach is believed to have exposed the following PHI:
The hospital's electronic medical record (EMR) system was not part of the data breach. While the cyber gang was able to steal PHI, the hospital’s internal security system blocked the encryption of its data.
On July 18, the Snatch ransomware group claimed responsibility for the data theft on its leak site. The group is suspected of operating from Russia. The FBI is currently investigating the attack and the ransomware group.
According to a recent report on ransomware attacks worldwide, there has been a 67% increase in cases between the first and second quarters of 2023. Ransomware attacks are known for using malicious software (malware) to encrypt a user's data, denying access to it. Malware typically gets delivered in email links or attachments.
Once data is encrypted, the ransomware group responsible demands a ransom payment in exchange for a decryption key. Payment does not guarantee that a decryption key will work or that a cyberattacker will stop its attacks.
Ransomware attacks damage healthcare organizations and possibly expose patients’ PHI. Along with data loss and the disruption of hospital operations come the financial impact and the recovery time. An attack more than likely also leads to a HIPAA violation and fine.
Security expert Sherri Davidoff says Tampa General deserves credit for catching the breach: “Kudos to the hospital for employing some of this latest and greatest technology that helped them to prevent operational outages. . . . You don’t want delays in procedures. Some studies link ransomware attacks to increased mortality rates and things like that, and [Tampa General] really successfully avoided the worst of it.”
In 2022, Tampa General gained HITRUST certification, demonstrating its commitment to HIPAA and protecting patient data. Since the attack, it has implemented additional tools and increased monitoring.
Healthcare organizations can mitigate threats by implementing a sound cybersecurity program that includes both technical and administrative safeguards:
Experts encourage organizations to design a detailed response plan in case they become the victim of a ransomware attack. Above all, organizations should refuse to pay after a ransomware attack. Paying ransoms provides cybergangs with monetary support and doesn't necessarily prevent the data from being sold.
With ransomware attacks increasing in frequency and severity, it is difficult for many organizations to face them head-on. Creating a strong cybersecurity program is costly and time-consuming upfront. This is why cyber attackers especially target smaller clinics.
Healthcare organizations need to take proactive steps to protect themselves. By implementing HIPAA-compliant safeguards and having a backup plan, healthcare organizations can minimize the risks of ransomware attacks.