Phishing email warning

20 January 2023

ANZCA has been made aware that some fellows have received phishing emails from a Victorian orthopaedic surgeon’s rooms that includes a link to access confidential patient details.

The surgeon’s office has confirmed that their system has been compromised and emails have been sent from their business address. The phishing email claims to link to a site that downloads confidential medical data with an email and password.

ANZCA can assure fellows, trainees, SIMGs and staff that ANZCA’s cyber security has not been breached. 
The email addresses that are being targeted are professional addresses and those that anaesthetists use with insurers such as Medibank Private. Other medical specialists are also being targeted, not just anaesthetists.

This latest incident highlights the need to be vigilant about potential phishing attempts and to be alert to any suspicious emails and associated links given the recent Medibank Private data breach.

Updated fraud advice from Medibank Private issued to ANZCA and other providers in response to the insurer’s data security breach late last year includes the following guidance:

“If you’re concerned that your provider number has been exposed, you don’t need to request a new provider number. If you suspect someone may be committing fraud against Medicare, you can report it on the Services Australia website
“The Australian Federal Police has expanded Operation Guardian to protect our customers and providers whose personal information has been unlawfully released online by ransomware criminals. We’ve worked with Services Australia to ensure appropriate preventative and monitoring measures are in place. We are also contacting all health funds to update them of the latest developments and best actions to take.”  
Medibank says further updates relating to providers are available on their health provider site.

Last updated 15:58 23.01.2023