NewClinic.TAM ST 11.jpg (copy)

File photo of a pediatric hospital.

A pediatrics practice in Prairieville is working with the FBI and has notified its patients' families of a ransomware virus that in August attacked the computer network of the information technology company that provides IT services for the clinic.

A ransomware virus stops users from getting into their computer system and demands a payment before they can get back in. 

"It hit our IT company and came in through their system into ours," said Lisa Hamner, the office administrator for Magnolia Pediatrics on Commerce Centre Drive.

Hamner declined to name the IT company, which, she said, did pay the ransom to resolve the issue.

"To the best of our knowledge … no patient information was removed by an unauthorized party from Magnolia Pediatrics' computer system as a result of this attack," the clinic said Thursday in a statement. 

The virus encrypts network data into unreadable code, both for those behind the attack and those who were the target, Hamner said.

The patient data that was encrypted from Magnolia Pediatrics included names, dates of birth, Social Security numbers, addresses, phone numbers, insurance information, medical record numbers and other clinical information that includes the names of treating physicians, diagnoses, lab results and medication, the clinic said.

Tangipahoa Sheriff's Office may have been targeted in school system's cyberattack

Magnolia Pediatrics is working with the FBI in an ongoing investigation into the ransomware attack and has taken steps to stop such incidents in the future, the clinic said. 

The steps include password resets, rebooting firewalls and implementing stronger spam filters with a quarantine process for suspicious emails.

Hamner said the medical practice doesn't keep patients' financial information. 

However, Hamner said, "out of an abundance of caution," the clinic is recommending that patients' families monitor credit card statements and credit bureau reports.

Magnolia Pediatrics also recommends that the families register a fraud alert with the three credit bureaus, TransUnion, Equifax and Experian. 

The clinic recommends that anyone thinking their information has been compromised should notify their local law enforcement agency.

If people suspect identity theft, they should call the Federal Trade Commission at (877) 438-4338 and the Louisiana Attorney General's Office at (800) 351-4889.

"We deeply apologize for any inconvenience or concern this incident has caused you," Magnolia Pediatrics said.

For more information, call the clinic at (225) 744-4484 or at (833) 894-8542.

Email Ellyn Couvillion at ecouvillion@theadvocate.com.