In the past, ONE was a major user of MIE's software products, but in November the clinic made a decision to move to electronic medical records technology from General Electric Co.'s GE Healthcare unit. It was also around this time that MIE stopped supporting ONE's Webchart implementation, said Lesko, whose company resells GE's software. According to Plesko, ONE's original plans called for the migration from MIE to GE's software to be completed by June. But that schedule has been accelerated and the plan now is to go live with the GE software next month, he said.

Eric Jones, MIE's chief operating officer, said that the software developer is fully cooperating with the FBI and that it wasn't responsible for the database changes at ONE or the placement of the back door in the clinic's system.

"We don't use back doors in our software, period," Jones said. "We don't believe in them." MIE officials "are hopeful that the investigation will be wrapped up soon," he added. "We don't expect that anything would come of this."

Raymond Kusisto, the clinic's CEO, said via e-mail that ONE had little to add about the hacking incident beyond the information that was disclosed by Plesko. "Once the FBI investigation is complete, we'll hopefully learn some things that may be appropriate to share," Kusisto said.

An FBI spokeswoman in the agency's Indianapolis office would neither confirm nor deny that an investigation is taking place, citing U.S. Department of Justice policies.