The Valley's largest optometry practice, Eye Care Associates, Inc., was hit with a ransomware attack on July 28 at 4 a.m.

According to the Federal Trade Commission, ransomware is malicious computer software that uses encryption tools to take data hostage or denies users access until a ransom is paid.

All Eye Care Associates locations have been and continue to remain open during the situation.

Director of Community Relations and Practice Development, Stephanie Champlin, said no patient information was compromised in the attack, and all of their data is backed up.

Because no patient information was accessed, Eye Care Associates has not notified their patients of the ransomware attack.

Champlin said the main issue they have encountered is with their scheduling system, which has made it difficult for patients to make appointments and employees currently have limited access to the system.

"During this time, we remain committed to ensuring excellence in patient care. We are continuing to see regularly scheduled patients as well as patients that have unexpected changes in their vision. Also, our EyeWear Galleries are continuing to meet the eye care needs of our patients," she said.

Director of Operations, Mary Sierra, filed a police report with the Beaver Township Police Department the day after the attack.

She reported a ransom malware program had locked them out of their system until an unknown amount was paid.

According to the police report, Ron Lipinski, supervisor for Global Business Solutions Corp., Eye Care Associates' third party IT company responsible for their data backups, advised a Trojan virus had been sent to an employee's email, proceeded to lock all users out of the system and "the Trojan appears to have originated from North Korea."

The investigation into the attack has since been turned over to the FBI.
Eye Care Associates hopes to be back up and running by the end of the week.
“We want to apologize to patients attempting to schedule appointments. However, we are taking every precaution to protect every record. Although it is taking some time to do this, we chose the security of our patient information over quick business recovery,” Champlin said.