The Florida Department of Health has begun sending notifications to individuals impacted by a cyberattack it experienced in June 2024. The breach, detected on June 26, 2024, involved unauthorized access to and theft of sensitive information, including protected health information, from selected systems.
A forensic investigation confirmed that the breach occurred on June 26, 2024. The stolen files were reviewed, revealing that compromised information included names, birth dates, addresses, banking data, credit card details, Social Security numbers, driver’s license numbers, military IDs, passport numbers, Nexus numbers, medical and dental records, medication details, medical provider information, insurance coverage details, insurance claim details, and passwords. The specific data involved varied for each person, and the notifications sent to individuals detailed the exact types of information affected.
Immediately after detecting the breach, the Department of Health shut down the affected systems and isolated servers. The incident was reported to law enforcement, and the Florida Department of Law Enforcement is conducting an investigation. In response to the attack, additional security measures were implemented to prevent future breaches.
The Florida Department of Health is offering potential victims of the cyberattack 12 months of free credit monitoring and identity theft protection services via Kroll. These services include fraud consultation, identity restoration, credit monitoring, online monitoring, and up to $1 million in coverage for identity fraud loss reimbursement.
Those affected by the incident are advised to stay alert for potential identity theft and fraud by monitoring their credit reports and financial account statements for suspicious activity. If they notice unauthorized transactions or suspect identity theft, they should contact their financial institution right away. Additionally, victims must be cautious of scams in which attackers pose as the Department or mention this incident to deceive individuals.
RansomHub, the ransomware group behind the attack, published 100 GB of stolen files on its data leak site after the ransom demand was not paid. The breach has been reported to the Department of Health and Human Services’ Office of Civil Rights (OCR), though it has not yet appeared on the OCR breach portal. The total number of individuals affected by the breach remains unknown.
Individuals with questions about this incident may contact the dedicated call center set up by the Department at 866-997-1602, Monday through Friday from 9 a.m. to 6:30 p.m. ET.