Fort Wayne-based Medical Informatics Engineering said the attack on its main network and its NoMoreClipboard network began May 7 and wasn’t detected until May 26. The exposed information includes names, addresses, birth dates, Social Security numbers and health records, it said.
Chief Operating Officer Eric Jones said in a telephone interview that the number of affected patients has not been determined, and he declined to speculate how many there might be.
The company’s clients include Texas-based Concentra, which operates more than 300 medical centers in 38 states; Franciscan St. Francis Health Indianapolis; Rochester Medical Group in the Detroit area; Fort Wayne Neurological Center; and Gynecology Center Inc. Fort Wayne.
MIE said it is offering credit monitoring and identity protection services to affected individuals, free of charge, for the next 24 months. The company also created a toll-free call center at (866) 328-1987 to answer questions about the attack and the support and services being provided.
The company said it also is working with a team of information technology security experts to enhance data security and protection.
FBI spokesman Joshua Campbell said in a statement that “FBI cyber investigators are working to identify the nature and scope” of the attack.
“Individuals contacted by the company should take steps to monitor and safeguard their personally identifiable information, and report any suspected instances of identity theft to the FBI’s Internet Crime Complaint Center at www.ic3.gov,” the statement said.
MIE creates Web-based software applications for health care providers for electronic medical records and personal health care records.