The company confirmed the website vulnerability which allowed access to contact details of GPs has been closed.
Healthcare educator Healthed has confirmed that the contact details of between 500 to 1000 GPs have been accessed via a “vulnerability within [its] website”, but that no credit card details have been compromised.
According to a statement from the company published by newsGP, the vulnerability was traced back to work done by a third-party contractor.
“This vulnerability led to the names, email addresses, postal addresses and mobile phone numbers of participants who attended Healthed’s face-to-face educational seminars becoming publicly available,” the statement said.
“Healthed acted swiftly to resolve the issue within two hours of it being discovered and immediately advised its delegates and staff of the incident via email.
“Healthed deeply regrets the unauthorised sharing of personal contact details caused through this incident.”
A spokesperson for Healthed told HSD that as a part of its security protocols it does not store credit card details on its website and therefore credit card information was never at risk in this event.
RACGP president Dr Nicole Higgins told newsGP the breach was a reminder of the importance of cybersecurity and education.
“People need to remember that we also all use Facebook, Tik Tok, Instagram every day and that our information and data is being collected by external agencies,” she said.
“It’s really challenging when your data is being shared, which is why the RACGP has multiple layers in place for early detection.
“There are practical things that GPs can do when they attend education events or anything in their role as GPs, and that is to use the practice address and the practice phone number as their contact details rather than putting personal information down.”
A Healthed spokesperson confirmed the company had since taken action to prevent a similar breach occurring in the future.
“The integrity and security of data held by Healthed is a key priority for the company which has taken steps to ensure its website is now fully secure to prevent a similar incident from occurring again,” they said.
Healthed holds a 10% holding in HSD’s parent company, The Moose Republic.