Introduction
Overview
The Tampa General Hospital breach occurred in May 2023, impacting over 1.2 million patients. The hospital detected unusual network activity on May 31, which fortunately allowed its security systems to prevent the encryption of its data. While the hospital's medical records system was not compromised, attackers accessed sensitive information such as patients' names, addresses, dates of birth, Social Security numbers, and health insurance details. The Snatch ransomware group later claimed responsibility for the attack. In response, TGH offered credit monitoring services to those affected.
Vulnerability Details
Attackers gained access to the hospital's systems using legitimate user credentials, likely taken from earlier data leaks. They remained in the hospital's systems undetected for nearly three weeks, during which they exfiltrated sensitive data. The attackers did not successfully deploy encryption, and the hospital's security measures and monitoring were instrumental in mitigating further damage.