A cyberattack that disrupted email and phone services at the Baton Rouge (La.) Clinic earlier this summer also compromised some patient data, the clinic said Wednesday.
The cyberattack, which took place in July, affected up to 308,000 patients, according to a report the Baton Rouge Clinic submitted to HHS’ Office for Civil Rights.
The Baton Rouge Clinic, part of Mayo Clinic’s care network, in July discovered that a hacker had encrypted some of the clinic’s files as part of a cyberattack against databases containing email systems and patient records.
At the time, the clinic notified patients they could continue to receive care at its locations, despite the attack disrupting email and phone lines, as well as limiting lab and radiology services.
Edgar H. Silvey, the clinic’s chief executive officer, in a letter to patients this week wrote that Baton Rouge Clinic’s investigation to date has found no evidence to suggest that information compromised in the data breach has been misused.
The clinic is working with third-party technology experts to investigate the incident and has reported the cyberattack to the FBI, he said.
Silvey said the hacker “confirmed that none of the files were used or disclosed to anyone and any files taken were destroyed,” he wrote in the letter posted online Wednesday.
“Unfortunately, cyberattacks are increasing at an alarming rate and no organization is completely immune from such nefarious activity despite all of the security initiatives taken to prevent such attacks,” he wrote.
The Baton Rouge Clinic did not immediately respond to a request for comment.