fbpx

Lister Fertility Clinic data breach puts patients at risk

medical data claim
Facebook
Twitter
LinkedIn

The Lister Fertility Clinic, which treats around 2,000 patients each year, has experienced a data breach. Sensitive medical information, including consent forms, medical history, test results, recommendations for treatment, and fertility treatment records, could all now be at the mercy of cybercriminals. About 1,700 patients are affected.  

If the Lister Fertility Clinic data breach exposed your personal information, you could have a compensation claim.  

Cybercriminals accessed confidential patient data

The data breach happened when a document management firm used by the Lister Fertility Clinic experienced a ransomware attack. The company refused to pay up, and criminals leaked tens of thousands of patient files onto the dark web. 

Lister patients have been reassured that their data has not been shared online. But the clinic has admitted that this could still happen. And, in addition to the threat of private medical procedures becoming public, the hackers might also choose to sell the medical records to other criminals.  

Similar medical data breaches have resulted in fraud, blackmail, identity theft and more. So those affected are likely to be experiencing high levels of distress. 

How has the Lister Fertility Clinic responded?

Speaking to the BBC, the Lister Fertility Clinic said: “We are deeply sorry that this happened, and we are in the process of contacting those affected to provide more information and to offer any support they may need.”

The clinic was not the only business to experience the cyberattack. In total, 13 organisations were affected, six of which are healthcare-related. The attack also affected the Nuffield Health Leicester Hospital, Marie Stopes, and the British Pregnancy Advisory Service clinics.

Commenting on the breach, Mathew Evans, an associate and data breach specialist at Keller Lenkner UK said: “The health and medical sector handles some of our most sensitive and confidential information. As patients, we expect these records to be taken care of, but as this breach shows, this is not always happening. The failure to keep patient data safe is a clear violation of the UK’s data protection regulations, and affected individuals are likely to be due compensation for the distress and anxiety caused.

“I urge the Lister Fertility Clinic to keep all patients informed about this breach, and whether their data has been compromised by criminals. This knowledge is vital to ensure patients know what steps to take to stay safe.”

How to stay safe after the Lister Fertility Clinic data breach

Victims of data breaches often become the target of cybercriminals. Our expert data breach lawyers have provided some helpful tips to help patients of the Lister Fertility Clinic stay safe. 

Protect your finances following a data breach or cybercrime 

While the clinic does not believe that any financial data has been exposed in this cyberattack, if you are a Lister Fertility Clinic patient you should:  

  • Contact your bank or credit card provider immediately if your financial data has been exposed. 
  • Check all bills and emails for goods or services you have not ordered. 
  • Check your bank account for unfamiliar transactions. 
  • Alert your bank or credit card provider immediately if there is any suspicious activity. 
  • Monitor your credit score for any unexpected dips. 
  • Call Credit, Experian and Equifax to ensure credit isn’t taken out in your name. 
  • Never provide your PIN or full password to anyone (even someone claiming to be from your bank). 
  • Never been pressured into moving money to another account for fraud reasons. A legitimate bank won’t ask you to do this. 

Watch out for further attacks and attempts to extract additional information from you 

As well as following any security instructions provided by the clinic, we recommend that you:  

  •  Never automatically click on any suspicious links or downloads in emails or texts. 
  • Don’t assume an email or phone call is authentic just because someone has your details. 
  • Be careful who you trust – criminals often use scare tactics to try and trick you into revealing your security details. 
  • Know that, even if you recognise a name or number, it might not be genuine. 
  • Don’t be rushed or pressured into making a decision. A trustworthy organisation would never force you to make a financial transaction on the spot. 
  • Never provide your full password, pin or security code to someone over the phone (or via message). If a bank believes a transaction has been fraudulent, they will not ask for this information to cancel the transaction. 
  • Listen to your instincts and ask questions if something feels “off”. 
  • Refuse requests for personal or financial information and stop discussions if you are at all unsure. 
  • Contact your bank or financial service provider on a number you know and trust to check if a communication is genuine. 
  • Be cautious of unsolicited communications that refer you to a web page asking for personal data. Be especially wary of any communications claiming to come from the Lister Fertility Clinic. 
  • Don’t accept friend requests from people you don’t know on social media. 
  • Review your online privacy settings. 
  • Report suspected fraud attempts to the police and Action Fraud. 

Put some data protection best practices in place to stop the threat from escalating 

 If you are especially worried you can register with the Cifas protective registration service to slow down credit applications made in your name. You should also: 

  • Change your passwords regularly and use a different password for every account (a password manager can help with this). 
  • Protect your devices with up-to-date internet security software. 

Make a compensation claim with Keller Lenkner UK

If you have been affected by the breach of your medical data, we can help you make a compensation claim for the failure to protect your private and sensitive information. This includes for any emotional distress suffered and any other losses experienced due to the breach (e.g. if cybercriminals used your details to carry out theft or fraud).

Contact us in confidence to discuss your case.

Contact Keller Lenkner to discuss a data breach claim.

Share this article: