On 23rd Dec 2020, MGS Physiotherapy was subject to a Cybercrime event.
This incident has been reported to the Australian Cybercrime Security Centre (ACSC), the Australian Federal Police and the Office of the Australian Information Commissioner (OAIC).
Forensic assessment of the event indicates there was no access, removal or information stolen as a result of the intrusion. However, some information has been critically damaged.
Efforts to restore this information are ongoing. Until restoration of the damaged files can be achieved, we are unable to view, in any meaningful way, data for individuals who have attended our Manly or Mona Vale locations between March 2018 and December 23rd 2020.
Please note all information retained by MGS Physiotherapy is securely encrypted in transit and storage and we do not record or retain any personal financial details, credit card or bank account details.
Our system has since been re-built and functioning apart from the above missing timeframes. Ongoing governance in how we handle, record and store information is in constant review to ensure the prevention of such malicious attacks in the future.
What was not affected by the 2020 incident
This cyber incident did not result in any patient or clinical data being removed, accessed, or stolen.
We do not record or retain any personal financial details, credit card or bank account details.
Our Online Booking System remains a safe way to make your MGS Bookings and is operating as per normal.
Taking care online
With rapid advances in information technology, this type of criminal behaviour is becoming increasingly more sophisticated. We think it prudent to remind all our patrons of the risk of fraud and indemnity scams and would like to offer some useful self-help steps to check and protect your identity, finances and personal information.
Set up and learn to use two-factor authentication (2FA) for your important accounts.
Check bank statements and report anything amiss and set up a credit alert.
Be alert to emails and calls from unknown sources or requesting personal details.
Check with the ATO for any unauthorized requests for early release of your super.
For more guidance, please visit Staying Safe Online.