Top Health Doctors, a Brisbane-based GP and skin cancer clinic group, experienced an email account compromise incident in September that may have impacted up to 5500 people.
The incident was publicly disclosed late last week when Services Australia opened a data matching exercise to try to determine if patients' Medicare number or Centrelink Reference Number were among details that had been accessed.
“Services Australia will compare the data provided by Top Health Doctors to Medicare and Centrelink customer records held by the agency,” it said in a notification of the data-matching activity.
“This will assist the agency to identify affected customers and apply proactive security measures to affected customer records.”
The agency added that an “initial analysis provided by Top Health Doctors indicates that there may be approximately 5500 impacted customers.”
A spokesperson for Top Health Doctors West End confirmed details of the incident to iTnews, noting it affected a single mailbox for one location.
“Top Health Doctors West End clinic experienced an incident limited to an email compromise of an administration mailbox only,” the spokesperson said.
“As a precautionary measure, Top Health notified all patients at the West End practice.
“Top Health also notified relevant authorities, including Services Australia, who have a specialist team that can apply precautionary measures to records if required.”
Services Australia said the victim medical practice had turned over data on the card number, expiry date and customer name appearing on Medicare or Centrelink concession card, the customer’s date of birth and residential address.