Jacob Stavres, a nurse at Tallahassee Memorial HealthCare, pushes a patient down the hallway of the emergency room Monday, May 26, 2025.

More TMH patient data involved in 2025 data breach, hospital says

More patient records at Tallahassee Memorial HealthCare may have been compromised in a previously reported data breach, according to a Dec. 15, 2025 letter sent to patients from the hospital.

TMH said an unauthorized third party gained access to its electronic health records company, Cerner/Oracle, as early as Jan. 22, 2025. Cerner then informed the hospital about the third-party data breach in May and again on Oct. 13 of this year.

Patients may have received letters in June and December of this year, notifying them that their data had been involved in the incident.

“After the June mailing, Cerner/Oracle later advised TMH that additional patients’ information was involved in the entity and the patients were notified as quickly as possible after that notice,” a hospital spokesperson said in a statement.

In the Dec. 15 letter, TMH said it is not aware of any information involved in this incident that is being used for fraud or identity theft.

“The vendor informed us that, upon learning of the incident, it initiated critical incident response process, took steps to secure the impacted systems, began an investigation and engaged external cybersecurity specialists,” the letter says.

“The vendor also informed us that law enforcement investigators directed them to delay notifying hospital customers and patients about this incident because it could have impeded their investigation.”

TMH declined to identify how many patients were impacted or how many letters went out, but said in a statement “we are committed to ensuring patients are notified of this incident and receive appropriate resources.”

“TMH’s current electronic health record system was not impacted by this issue, and there has been no disruption to our operations or our ability to care for patients,” the statement continues.

Personal information that may have been subject to the data breach includes:

TMH no longer uses Cerner to host its electronic health records, and the hospital and Cerner are offering complimentary access to identity protection services for two years as a result of the data breach.

TMH’s past IT issues

TMH, like many large hospitals in the U.S., has had its share of cybersecurity and other computer issues in recent years.

In early 2023, TMH was the victim of an incident experts surmised was a ransomware attack, though the hospital didn’t confirm or deny that at the time. Spokespeople later acknowledged its systems were accessed by a hacker, but would not verify if a ransom was involved.

A ransomware attack is a type of cyberattack in which malicious software encrypts data and the perpetrator demands payment, often in cryptocurrency, to restore access.

And in late 2024, TMH had to cancel surgeries and procedures after a hardware “disruption” to the hospital’s computer network and phone systems.

Last month, many patients also received an email that they are eligible for a cash settlement after several patients sued TMH in a class action lawsuit, claiming the hospital used third-party web tracking and analytics tools on its main website that took and disclosed their “web usage data, containing personally identifiable information and protected health information, to Facebook, Google, and other third-parties.”

A TMH spokesperson at the time would not say how many people received the settlement offer or how much the hospital would have to pay to settle the claims. The original complaint, however, said “there are tens of thousands of individuals with patient portal accounts whose [personally identifiable information] and [protected health information] have been improperly disclosed to Facebook, Google and or other third parties.”

According to an email sent out to past and present patients potentially affected, “TMH denies these allegations and denies any wrongdoing, and the court has not determined that TMH did anything wrong. Instead, the parties have decided to settle this action.”

Anyone who had an active patient portal account between Dec. 29, 2019, and Dec. 31, 2024, may be eligible for a $17 settlement payment and a 2-year subscription to CyEx Financial Shield Complete, a service that provides proactive protection from financial fraud. TMH patients reported receiving emails about the settlement from noreply@tallahasseepixelsettlement.com on Nov. 13.

Ana Goñi-Lessan, state watchdog reporter for the USA TODAY Network – Florida, can be reached at agonilessan@gannett.com.

This article originally appeared on Tallahassee Democrat: More TMH patient data involved in 2025 data breach, hospital says

Reporting by Ana Goñi-Lessan, USA TODAY NETWORK – Florida / Tallahassee Democrat

USA TODAY Network via Reuters Connect
