Cyber Incident Update

Optimum Allied Health’s (OAH) investigation into a cyber incident involving the disclosure of data online is finalised and has found evidence that some personal information was involved, and that health information may also have been impacted.

Since becoming aware of the incident, OAH has been working as a priority to determine exactly what information was impacted so that we can notify relevant individuals.

Our review of the disclosed data has found some personal information relating to some of our staff and clients. We are taking steps to notify those impacted as required. Our investigation also determined that client health and treatment information relating to the services OAH provides may have been involved. This is most likely to relate to referral letters from external organisations and treatment reports created by OAH staff.

We understand this news may be concerning, and we apologise for any distress and inconvenience caused as a result of this incident. Should you experience any anxiety or distress in relation to this, please seek medical advice from your regular treating physician or GP.

If you wish to speak with a Beyond Blue Counsellor, they can be contacted via phone on 1300 22 4626 or you can chat to a counsellor online. You can learn more about the Beyond Blue Support Service on their website: https://www.beyondblue.org.au/get-support/talk-to-a-counsellor.

We take cyber security seriously and have ensured additional security measures are implemented. This includes having engaged a new IT provider with enhanced data security protections as we work to prevent recurrence.

We urge you to remain vigilant against the risk of phishing emails and scams, which are often the most likely risk associated with any unauthorised access to personal information.

Scam calls and phishing emails are becoming increasingly sophisticated and can appear to come from legitimate phone numbers with local area codes. They will often claim to be calling from a reputable organisation, such as a government entity, bank, or telecommunications agency. They will also create a sense of urgency to try to get you to disclose sensitive information or to elicit funds from you.

There are some steps you can take to help protect yourself against these scams:

• be aware of email, telephone and text-based scams. Do not share your personal information with anyone unless you are confident about who you are sharing it with;
• when on a webpage asking for your login credentials, take note of the web address or URL (Uniform Resource Locator). The URL is located in the address bar of your web browser and typically starts with https://;
• if you are suspicious of the URL, do not provide your login details. Contact the entity through the usual channels to ensure you are logging into the correct web page. Please note that we will never contact you to ask for your username or password;
• enable multi-factor authentication for your online accounts where possible, including your email, banking, and social media accounts;
• ensure you have up-to-date anti-virus software installed on any device you use to access your online accounts;
• check the strength of your passwords and whether they have been involved in any data breaches on the NSW Government password checker website: https://www.nsw.gov.au/id-support-nsw/passwords; and
• follow the Australian Competition and Consumer Commissions Scamwatch guidance for protecting yourself from scams here: https://www.scamwatch.gov.au/get-help/protect-yourself-from-scams/.

For more information you can visit the Office of the Information Commissioner’s (OAIC) tips for further guidance about protecting your identity: https://www.oaic.gov.au/privacy/your-privacy-rights/tips-to-protect-your-privacy/.

The relevant authorities have been notified of this incident. This includes the OAIC and the National Disability Insurance Agency, as well as other relevant government departments.

We are committed to supporting those impacted by this incident. Please don’t hesitate to contact our team by emailing enquiry@opthealth.com.au with any questions and one of our team will be able to support you.

16 November 2023