UPDATE: FBI working with Tallahassee Memorial HealthCare following ‘IT security’ incident

TALLAHASSEE, Fla. (WCTV) - Tallahassee Memorial HealthCare has begun working with “outside experts” and law enforcement to address the scope of the “IT security event” that occurred last Thursday night.

While it’s unclear if any patient information was compromised as a result of the incident, attacks on healthcare systems across the country have become a fairly common trend.

According to Jama Health Forum ransomware attacks on healthcare facilities more than doubled between 2016 and 2022, exposing the personal health information of nearly 42 million patients.

Those attacks also drew several similarities in the circumstances, and consequences surrounding the attack on TMH.

According to the report, 41 percent of those attacks caused electronic system downtime, while 10 percent of the attacks caused cancellations of care and 4 percent caused ambulance diversions.

TMH has not confirmed if this security event was a ransomware attack, however, according to a study by Check Point Software Technologies hospitals were among the top three most attacked industries in 2022.

Education and government agencies were also high on that list.

TMH said they continue to lean on their partners with HCA Florida Capital Hospital and Leon County EMS, thanking them in a statement for their help in diverting patients for care.

Patients who have questions about their care are asked to contact their physician directly.

The FBI was working with Tallahassee Memorial HealthCare following an “IT security event” that occurred last Thursday night.

“While our policy prohibits us from confirming or denying the existence or status of a federal investigation, we are working with TMH security teams to assess the situation,” the FBI Jacksonville field office said in an email statement to Eyewitness News Monday afternoon.

As reported last Friday, the incident had led to TMH to execute protocols “for system downtime and taking steps to minimize the disruption.” That included rescheduling non-emergency appointments that were originally scheduled for Friday and Monday.

The incident also prompted ambulances to be rerouted to HCA Florida Capital Hospital. Eighty-eight percent of the weekend Leon County EMS transports went to HCA with 12% of the transports going to TMH, according to Matt Cavell, the Leon County Assistant to the County Administrator for Community and Resilience.

TMH was still accepting expecting mothers as patients, according to their statement released Sunday.

“If you are in labor or have an emergency requiring care from Labor & Delivery Triage, please come to the Women’s Pavilion,” the Sunday statement said.

The hospital was still under downtime procedures, according to the Sunday update.

“We are still operating under downtime procedures, which means we are using paper documentation,” TMH wrote on Sunday. “We apologize for any delays this may create.”

The investigation continued into the security incident, and the hospital warned that it would take time to investigate it and fully restore IT operations. The hospital was working around the clock with outside consultants to investigate the cause of the security incident, THM said.

“We will provide updates as the investigation progresses, bearing in mind that security, privacy and law enforcement considerations impact the amount of detail we can provide,” TMH wrote in Sunday’s statement.

This incident comes as hospitals around the United States have been targets for ransomware and, as reported recently, distributed denial of service attacks.

This story was updated to reflect changes to the percentage of EMS routes to TMH and HCA.

Mike Rogers and Charles Roop contributed to this story.

Copyright 2023 WCTV. All rights reserved.