Though no one would realize it for 19 days, May 7 was not a day unlike any other for Fort Wayne, Ind.-based medical software company Medical Informatics Engineering. It was the day that someone slipped into the company's system undetected, hacking it and potentially exposing the personal health information of the patients of healthcare providers it serves.
In addition to health records, the compromised information includes names, addresses, birth dates and Social Security numbers. The number of affected patients has not yet been determined, Eric Jones, CEO of MIE, told the AP.
Cyber investigators are working to identify the nature and scope of the attack, FBI spokesman Joshua Campbell said in a statement.
MIE creates web-based applications and software such as EMRs for health care providers such as Addison, Texas-based Concentra, which operates more than 300 medical centers across 38 states.
The company is offering free credit monitoring and identity-protection services to individuals affected by the hack for the next 24 months. It is also working with information technology security experts to take steps to improve data security.