A company that provides data services for Warren General Hospital and UPMC Kane was the victim of a ransomware attack in September.

According to a statement from Wolverine Solutions Group, provided to the Times Observer by WGH Chief Operating Officer Joe Akif, there was no evidence any sensitive information was taken.

“On or around September 23, 2018, we had a malicious software attack,” a letter from Wolverine to WGH patients reads. “We hired an expert to investigate the issue. The expert found no proof that any information was taken.”

The attack “locked up our servers and work stations,” according to a statement from Wolverine. “Working closely with a team of respected IT and forensic experts, we worked around the clock to restore our systems and to ensure our data is securely protected.”

Wolverine notified WGH in December that the information that may have been exposed included “demographic, health and medical information, and in some cases social security numbers,” according to the letter.

Wolverine reported the incident to the FBI and “conducted a thorough investigation to determine precisely what occurred and the nature of the information involved,” according to the statement. That investigation “could not identify any evidence confirming that the personal data on our system was extracted.”

Despite evidence that supports any loss of information, Wolverine is taking steps to help clients who feel the need for additional security.

“We share your concern,” according to the letter. “Therefore, even though we do not believe anything was taken from our system, we are taking steps to guard against identity theft or fraud.”

“Depending on the type of information that may have been involved, we are offering credit monitoring to those affected,” according to the statement.

The letter indicates how patients can activate credit monitoring and fraud alerts, and initiate an investigation if losses are detected.

“We take the protection of your personal information seriously and are taking steps to prevent a similar event,” according to the letter. “We have switched to a different computer system that has added protections. We are also training our workforce in safeguards.”

“We are deeply sorry that this incident occurred and apologize to our business clients and affected individuals,” according to the statement. “Safeguarding the personal and business information of our customers is of the utmost importance to us.”