Jon:
1. I don't know. I expect someone did. I marked both attachments as spam in updox and went into archive folder and deleted both. I use professional gmail with my own domain for my office mail. They say they keep an eye out for this sort of stuff. I have not gone through the employee's mail to see if there is a suspicious file. Should I? I do not know where to begin. I have 12 users (including 2 physicians) Suggestions?
2. Yes. Took long. Lot of data. My imported files alone are over 100 gig. I have a 1 gig switch. I have two NAT, one encrypted and one not encrypted as a "soft backup?". Non-encrypted NAT bit the dust, was infected as well. Encrypted NAT was safe. Don't ask me what it means, my IT guy (cousin) knows. He also works for IT at UCSF. He said getting a 10 gig switch would have made the process faster, but it is very expensive. So, considering this is the first time ever having to restore my entire system completely, not just emr or billing system... even domain controlled had to be rebuilt... It was not a big deal. Lucky it happened Friday when I do not have clinic, my associate was out, and I was in the OR. David said it was mostly a lot of waiting for unencrypting, formatting, and waiting for backup to upload, etc. My son helped, he is interested in computers. Since all computers had to be rebuilt, we had to start with a "brand new" computer. This was actually an old server that David told me to keep around "just in case". Actual work was only a few hours. This does not include the anguish and anxiety experienced by yours truly...
3. No. I just notified them at 3 pm today. I got the usual canned response. I am not sure updox is the source, but if, somehow, the file was uploaded to UPDOX from my server, I want them to be aware so they can take any steps necessary to prevent its spread.
On a side note, my network is running super fast now. There is always a silver lining...
