One of the London Transgender Clinic’s email addresses has been hacked and an email was sent to service users in an attempted ‘phishing scam’ according to the clinic.
The clinic revealed the breach on their Instagram story not long after the breach became apparent.
According to the clinic a small number of contacts and service users received an email from the clinic’s HRT email account that contained a fake encrypted file.
The clinic have advised service users who may have received this email to delete it.
When we contacted the clinic for more information on the situation they told us that they believe the email was an attempt to gather service user data and that they believe the origin of the breach came from an unnamed GP practice but could not be certain.
The clinic told us that they have begun a full investigation and will update service users who have been effected with updates as their investigation develops.
They also told us that they intend to to submit a report to the Information Commissioner’s Officer as is required under General Data Protection Regulation (GDPR).
If you are a service user please be cautious if you have received an email from the clinic’s HRT email address that says: “Good Morning, Please process the attached and get back to me if you have any further questions” and has a file attached that starts with the name: “doc0162072021062911…”.
Here is the full statement the London Transgender Clinic sent to us:
“Around noon yesterday (21/09/22), a small assortment of patients and contacts received a malicious email from firstname.lastname@example.org with a fake encrypted attachment.
We discovered the malicious emails quickly, which was when we sent out our social media message to hopefully limit interaction with the email in the short term while our tech team were isolating and containing the situation.
Our tech team managed to ascertain that this was in an attempted to illicit email account data from the user. Our tech team were able to work out the device sending these emails and prevent further access. We believe the origin of this breach came from a GP practice; however, we cannot be certain.
With regards to patient and contacts data, our tech team believe the motive of the scam was to obtain login details seemingly to perpetuate the phishing scam. A full investigation is underway but if we have any updates we will contact the relevant parties further.
We are committed to the security and going forwards, our tech team are looking into ways to be stricter with our authentication measures to ensure an attack like this in future isn’t possible. In addition, we will be submitting a report to the Information Commissioner’s Office under General Data Protection Regulation.
Those affected have been sent a full appraisal of the situation and, however, we advise that anyone effected please do not attempt to open the email, attachment or enter their details and if they have please make sure they change their password as soon as possible to make sure their account is secure and please do not attempt to access the attachment further.”