Diabetes WA, an organization providing support services to individuals affected by diabetes in Australia, revealed a breach notice stating that a third-party vendor had gained unauthorized access to the personal information of some of its contacts. The compromised data included sensitive details such as names, addresses, dates of birth, contact information, and even Medicare numbers. Fortunately, detailed medical records and clinical information were not accessed during the breach.
The breach occurred through one compromised Diabetes WA user account, which was promptly closed to block further access by the attacker. Despite the breach, Diabetes WA assured that the attack did not spread laterally across their systems, indicating that the breach was contained. The organization took swift action to notify all affected individuals and promptly informed the Office of the Australian Information Commissioner about the incident.
As a precautionary measure, Diabetes WA recommended that affected individuals obtain a new Medicare card number either online via MyGov or by contacting Services Australia. Additionally, the organization emphasized that the breach was quickly detected and fully contained, and they are currently investigating the incident further through their Cyber Security Response Plan. Concerned individuals were also encouraged to seek additional assistance through IDCare, a national identity and cyber support service.
Despite the breach, Diabetes WA remains committed to safeguarding the privacy and security of its contacts and is taking proactive steps to address the incident. The organization’s swift response and transparent communication reflect its dedication to ensuring the well-being of individuals affected by diabetes in Australia.
