JACKSONVILLE, Fla. — A Florida legal firm is warning of a data breach at a Jacksonville health facility.

On Jan. 24, the Jacksonville Spine Center, a physician practice providing pain management services in locations throughout Northeast Florida, was the victim of a ransomware attack on an inactive server that maintained patient files created prior to May 2018, a release from RezLegal said. The criminals threatened to publish the stolen files online unless a ransom was paid, the lawyers said.

Jacksonville Spine’s current main network server is cloud-based and was not impacted during the ransomware attack. No patient files created after May 2018 were affected.

There may be a risk of identity theft and a risk that a third party may view patient information as a result of the ransomware attack. Cteps can be taken by Jacksonville Spine’s patients who visited the practice at the Jacksonville or St. Augustine locations at any time prior to May 2018 can take to avoid further issues concerning their protected health information

It is recommended that affected patients monitor their financial accounts and if any unauthorized activity is identified, promptly contact their financial institution. A free copy of credit reports from each of the three major credit reporting agencies can be obtained by visiting annualcreditreport.com or calling 1-877-322-8228.

A fraud alert or credit freeze can be placed on credit reports by contacting the three major credit reporting bureaus, Experian. Equifax and Transunion.