Tampa General Hospital experienced a data breach in May 2023, which led to unauthorized access to sensitive patient information. The breach was detected on May 31, 2023, and the hospital faced criticism for waiting until July 19, 2023, to notify the affected individuals. A class-action lawsuit was filed against the hospital, alleging that the breach was preventable and that the hospital's response exacerbated the harm. The FBI was called in to investigate the breach, which involved a criminal group hacking into the hospital's computer systems.

How many accounts were compromised?

The breach impacted data related to approximately 1.3 million individuals.

What data was leaked?

The data exposed in the breach included names, addresses, phone numbers, dates of birth, Social Security numbers, health insurance information, medical record numbers, and patient account numbers.

How was Tampa General Hospital hacked?

During the Tampa General Hospital data breach, a criminal group gained unauthorized access to the hospital's computer systems and exfiltrated sensitive patient data over a three-week period. The breach was detected when the hospital noticed unusual activity on its systems. Specific methods used by the hackers and any potential malware involved remain unclear.

Tampa General Hospital's solution

In response to the hack, Tampa General Hospital conducted a thorough investigation with the help of a third-party forensic firm to determine the extent of the breach and identify the unauthorized user responsible. While specific enhanced security measures remain unclear, the hospital reported the data breach and took steps to address the issue. Affected patients were notified by mail, and the hospital offered complimentary credit monitoring and identity theft protection to those whose Social Security numbers were involved.

How do I know if I was affected?

Tampa General Hospital notified affected patients by mail. If you believe you may have been affected by the breach but did not receive a notification, you can visit Have I Been Pwned to check if your email has been compromised in a data breach.

What should affected users do?

In general, affected users should:

1. Change Your Passwords: Immediately update your passwords for any accounts that may have been compromised. Make sure the new passwords are strong and unique, not previously used on any other platform.

2. Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

3. Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

4. Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it immediately to the appropriate authorities or support teams.

For more specific help and instructions related to Tampa General Hospital's data breach, please contact Tampa General Hospital's support directly.

Where can I go to learn more?

If you want to find more information on the Tampa General Hospital data breach, check out the following news articles:

• Tampa General Hospital Sued Over 1.3 Million Record Data Breach

• Class-action lawsuit filed against Tampa General Hospital over recent data breach

• Tampa General reports confidential data of 1.2 million patients hacked