Tallahassee Memorial HealthCare (TMH) has canceled procedures and is diverting some patients following a cyberattack that forced it to take some IT systems offline.
Founded in 1948, the not-for-profit community healthcare system provides acute and other types of healthcare services to a 21-county area in North Florida, South Georgia and South Alabama.
On February 3, TMH announced that, late Thursday night, it fell victim to a cyberattack that forced it to disconnect some of its IT systems and start operating under downtime protocols.
On February 5, the healthcare services provider announced that the situation had not been remedied, with all non-emergency surgical and outpatient procedures initially scheduled for February 6 being canceled and rescheduled.
TMH announced that it implemented incident response protocols immediately after discovering the incident, and that backup and downtime protocols it has in place allow it to continue to provide care to its patients.
“We are still operating under downtime procedures, which means we are using paper documentation. We apologize for any delays this may create. We practice for situations like this, and we are prepared to provide safe, high-quality care to our patients during computer system downtimes,” the healthcare provider said on Sunday.
TMH also said that an investigation into the incident was ongoing, without providing details on the type of cyberattack it experienced or on whether any personal or health information was compromised during the attack.
However, the fact that the organization was forced to disconnect some of its IT systems to contain the incident suggests that ransomware might have been involved.
SecurityWeek has emailed TMH for additional information on the incident and will update this article as soon as a reply arrives.
Related: Ransomware Hit 200 US Gov, Education and Healthcare Organizations in 2022
Related: Data Breach at Louisiana Healthcare Provider Impacts 270,000 Patients
Related: Healthcare Organizations Warned of Royal Ransomware Attacks