MMH reported unauthorised access of its portal over the New Year period.
MedicAlert were deeply concerned about the potential impact of this breach on our Members. We use MMH to provide our 24/7 Emergency Hotline Service access to member information to protect members best interests.
We commenced investigating Member exposure to the reported data breach.
MedicAlert has since reviewed architectural and security documentation provided by MMH and analysis from independent security consultants.
A written statement from the MMH CEO has also been received providing assurance no information sourced directly from MedicAlert was involved in this breach.
If you have a Manage My Health account that you no longer need or use, we recommend logging into MMH and closing the account.
It is not necessary for a member of MedicAlert to have a MMH account.
The Hackers gained access through a health practices patient account.
While investigating, we became aware of a member who had been notified by MMH their information had been breached, The member was a previous patient at a Heath Practice using MMH.
If you are a current patient of a health practice using MMH and still need access to a Manage My Health account, we recommend changing your password and enabling Multi Factor Authentication. MMH are continuing to work and report on this incident.
The Foundation apologises to Members for the time it has taken to complete its investigation and provide this assurance notice.
The Foundation felt it was extremely important to be satisfied its data security through MMH was in order before making this public statement.
If you have any further concerns, please email Membership Services. We will consider the matters you raise, investigate if necessary and respond accordingly.
Murray Lord
Chief Executive Officer
.png){kind=logo}
