We regret to inform you that we there has been a malicious data breach within the operating system used by us, Practice Hub.
Although this is an ongoing investigation here’s what we currently know:
- This was a malicious act however we await more data to determine whether this was theft or destruction.
- The breach has occurred within our file storage system - meaning any patient file attachment have unfortunately been compromised. Predominately for our members this solely involves your posture pictures or any documents we have uploaded on to your file i.e. hospital/consultant referrals.
- Our current understanding is no other personal information has been compromised (such as name, date of birth, address for example). Unfortunately however those of you whom have filled in a paper version of our patient history form from 2018 onwards, sensitive data such as name, date of birth and address would be involved in this breach. We will notify you if you fall in to this category.
- If you do not know how you submitted your data and are concerned, then please contact us here at the practice 01355 266911 or email our Practice Manager Meg at [email protected]
- We do not hold any bank details for any of our practice members on file.
- This has not been a specific attack on our database server but a malicious attack that has affected other users of AWS (Amazon Web Services).
- Data recovery is currently ongoing and in process. However, it is still unknown if the data has been lost permanently.
- We have changed all passwords used on our database in order to increase security of your data.
We will continue to keep you posted as this situation progresses but if you have any concerns please do not hesitate to contact us. We advise that you be extra vigilant at this time for phishing scams etc due to the nature of this breach.
Jonathan, Megan and The Team