Thousands of patients at an Edina fertility center had their personal and health information exposed by a hacker demanding a ransom from the company.
A spokeswoman for Colorado Center for Reproductive Medicine (CCRM) said Monday that while security for the sensitive information at the Edina site had been compromised, any misuse by the unidentified hacker has not surfaced.
“There is no evidence that patient information was accessed, viewed or used,” said Constance Rapson, chief marketing officer for Denver-based CCRM.
Rapson said there were nearly 3,300 “potentially affected” patients whose information was exposed at the Edina clinic.
The Edina site was the only one hacked among CCRM’s string of offices around North America.
The firm operates a flagship location in Colorado, as well as clinics in Atlanta, Boston, Houston, New York, northern Virginia, Orange County (Calif.), San Francisco and Toronto.
CCRM has brought in experts to have patients’ credit histories and identities monitored for theft at no cost for the next 12 months, she added.
The company said it discovered on Oct. 3 that its computer server had been the victim of the ransomware invasion and then notified patients.
“CCRM did not pay the demanded ransom [to the] unknown, unauthorized third party,” read a statement from the company.
CCRM, founded in 1987, offers a wide range of treatment to help couples wishing to have children, ranging from egg donation to in vitro-fertilization to artificial insemination.