FedEx informed its delivery company on Monday that it was investigating whether information systems it uses to store medical information could be compromised, according to an internal document obtained by The Verge.
The document is dated February 2, 2019 and lists FedEx’s IT department as the target of the investigation.
FedEx said it had notified the medical information provider, which is owned by FedEx and is responsible for handling its delivery of medical records, about the inquiry.
FedEx has since told The Verge that it is currently conducting an internal review.
The company has been working with a cybersecurity firm that has been hired to conduct the investigation, but has not yet made any findings, a spokesperson told The Guardian.
A spokesperson for the company told The Washington Post on Monday evening that the company is not aware of any potential security vulnerabilities in its systems, and that its team has not received any specific threats in response to the email.
FedEx declined to comment on the specific investigation.
The FedEx spokesperson told Business Insider that the emails were not part of the company’s normal communications, and did not include a response to questions.
“We are aware of the email, and we have not received a threat,” the spokesperson said.
“However, we do not have a firm timeline on when we may notify our providers of our findings.”
The company is reportedly investigating a variety of areas related to its healthcare delivery system.
In October, the Department of Homeland Security announced that it had identified a malware that targeted FedEx data, and was also reportedly using it to steal financial information from an individual, though that information was never shared with FedEx.
In May, the US government charged that the Chinese military had used FedEx to steal sensitive financial data.
The US Department of Justice, however, has yet to publicly announce any further charges related to the FedEx incident.