Medical and Financial Records Exposed in Bloom Hearing’s Ransomware Attack

Audiology services provider Bloom Hearing Specialists has experienced a ransomware attack, ⁣resulting in the exposure of confidential information belonging to current and former patients as well ‌as staff‍ members. The‍ breach occurred on July 5, and the company, which operates numerous ⁣clinics​ across Australia and New Zealand under various brands including HearClear Audiology and Brad Hutchinson Hearing, issued an “important security ‌update” on its website on July 9. However, customers claim that they only received email notifications from ⁣the​ company, owned by Active Hearing Pty⁣ Ltd., on August 22.

The‍ company responsible for Bloom Hearing Specialists ⁤is ultimately T&W ⁣Medical; however,​ neither the name T&W Medical nor its Australian ⁤Company Number can be found in the ASIC or Australian Business Register databases. Apart from notifying customers via email and ‍publishing ‌a notice on its‌ website, Bloom Hearing ​has not released any further statements regarding the attack. Customers have reported difficulties contacting the company’s ‍support team as phone calls go unanswered and emails remain unaddressed.

Affected individuals⁣ are​ advised to reach out to ID Care, a charity offering identity ‌and​ cyber support services in Australia and New Zealand. ID Care provides ⁢general ⁣recommendations and further guidance ‍for those affected ​by such incidents. The ransomware attack encrypted data stored within ‌several of Bloom Hearing’s systems. The company ‌has warned customers that there is ⁤a ⁣risk of stolen data being ​published or disclosed to unknown third parties⁣ by threat actors.

The ⁢compromised data includes personal ‍details such as names, addresses, phone numbers, birth dates,⁢ gender information along with health ⁢records ‌like audiograms and other hearing‌ loss-related information. Insurance details including⁣ account information and claims⁢ were also exposed alongside financial particulars like ‍bank account details. Additionally,⁢ government-related identifiers such as Medicare numbers along with contact ⁢details of other individuals associated ⁤with patients were obtained.

Former employees’ personal information was also compromised including tax file numbers (TFNs)⁣ along with salary details. Healthcare ​professionals’ personal data was affected too⁣ along with financial information pertaining to suppliers/vendors involved with Bloom⁤ Hearing Specialists.

Bloom Hearing stated that immediate action was ⁢taken upon discovering the breach in order to contain it and secure their‌ systems; however some customers have expressed concerns about the delay in ‍notification which lasted over a month ​during which‍ phishing attacks could potentially‌ occur ‌more frequently due to increased vulnerability.

The company has​ informed‌ relevant authorities including the⁣ Office of the Australian Information ‍Commissioner (OAIC), New Zealand Office of Privacy Commissioner (OPC), as well as law enforcement agencies in both countries about this incident. Mental health support lines have been provided‌ for those distressed by‍ this breach⁢ alongside assistance available through ID Care.

In addition to its own brand name – Bloom Hearing Specialists – TotalCare Hearing and Chris‌ Laird’s YP Audiology are ⁤also ⁣trading names associated⁤ with this audiology services provider.

Share:

Leave the first comment

Related News